jmb
/
hardened_malloc
mirror of https://github.com/GrapheneOS/hardened_malloc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CONFIG_SEAL_METADATA is regularly tested now

pull/187/head
Daniel Micay 2022-01-13 14:25:41 -05:00
parent 17891d743e
commit 42b097f3b0
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@ -267,11 +267,10 @@ The following boolean configuration options are available:
* `CONFIG_SEAL_METADATA`: `true` or `false` (default) to control whether Memory * `CONFIG_SEAL_METADATA`: `true` or `false` (default) to control whether Memory
Protection Keys are used to disable access to all writable allocator state Protection Keys are used to disable access to all writable allocator state
outside of the memory allocator code. It's currently disabled by default due outside of the memory allocator code. It's currently disabled by default due
to lack of regular testing and a significant performance cost for this use to a significant performance cost for this use case on current generation
case on current generation hardware, which may become drastically lower in hardware, which may become drastically lower in the future. Whether or not
the future. Whether or not this feature is enabled, the metadata is all this feature is enabled, the metadata is all contained within an isolated
contained within an isolated memory region with high entropy random guard memory region with high entropy random guard regions around it.
regions around it.
The following integer configuration options are available: The following integer configuration options are available: