Several open-source memory allocators have been ported to CHERI, a hardware capability platform. In this paper we examine the security and performance of these allocators when run under CheriBSD on Arm's experimental Morello platform. We introduce a number of security attacks and show that all but one of the allocators, the default CheriBSD allocator included, are vulnerable to some of the attacks. We then show that while some forms of allocator performance are meaningful, comparing the performance of hybrid and pure capability (i.e. 'running in non-CHERI vs. running in CHERI modes') allocators does not appear to be meaningful. Although we do not fully understand the reasons for this, it seems to be at least as much due to factors such as immature compiler toolchains as it is due to the effects of capabilities on hardware.