CONFIG_SEAL_METADATA is regularly tested now
parent
17891d743e
commit
42b097f3b0
|
@ -267,11 +267,10 @@ The following boolean configuration options are available:
|
|||
* `CONFIG_SEAL_METADATA`: `true` or `false` (default) to control whether Memory
|
||||
Protection Keys are used to disable access to all writable allocator state
|
||||
outside of the memory allocator code. It's currently disabled by default due
|
||||
to lack of regular testing and a significant performance cost for this use
|
||||
case on current generation hardware, which may become drastically lower in
|
||||
the future. Whether or not this feature is enabled, the metadata is all
|
||||
contained within an isolated memory region with high entropy random guard
|
||||
regions around it.
|
||||
to a significant performance cost for this use case on current generation
|
||||
hardware, which may become drastically lower in the future. Whether or not
|
||||
this feature is enabled, the metadata is all contained within an isolated
|
||||
memory region with high entropy random guard regions around it.
|
||||
|
||||
The following integer configuration options are available:
|
||||
|
||||
|
|
Loading…
Reference in New Issue