Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								b6685b29a1 
								
							 
						 
						
							
							
								
								keep existing environment variables  
							
							... 
							
							
							
							such as CFLAGS, CPPFLAGS, LDFLAGS
https://github.com/GrapheneOS/hardened_malloc/pull/91 
https://github.com/GrapheneOS/hardened_malloc/issues/88 
https://github.com/GrapheneOS/hardened_malloc/issues/85  
							
						 
						
							2019-07-28 18:20:17 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								131b1ebd78 
								
							 
						 
						
							
							
								
								simplify genmkfile appendix  
							
							
							
						 
						
							2019-07-23 01:29:20 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								3a27245fca 
								
							 
						 
						
							
							
								
								lower verbosity  
							
							
							
						 
						
							2019-07-23 01:23:57 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								3fc23f8bfd 
								
							 
						 
						
							
							
								
								lower debian/changelog versions during development  
							
							
							
						 
						
							2019-07-22 23:43:23 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								4a286a9d0e 
								
							 
						 
						
							
							
								
								set CONFIG_NATIVE=false to not optimize for build machine  
							
							
							
						 
						
							2019-07-22 23:03:31 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								dc599bf62d 
								
							 
						 
						
							
							
								
								fortunately no need to use versioned shared object file names  
							
							... 
							
							
							
							https://www.debian.org/doc/debian-policy/ch-sharedlibs.html  
						
							2019-07-22 12:05:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								b8fa714be7 
								
							 
						 
						
							
							
								
								move genmkfile appendix to bottom instead of top to not break the default make target  
							
							
							
						 
						
							2019-07-22 12:01:12 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								4c00e74d45 
								
							 
						 
						
							
							
								
								bumped changelog version  
							
							
							
						 
						
							2019-07-22 01:15:34 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								f7d78bba9c 
								
							 
						 
						
							
							
								
								/usr/lib/libhardened_malloc.so.1 instead of /usr/lib/libhardened_malloc.so  
							
							
							
						 
						
							2019-07-21 01:25:40 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								e2bba96033 
								
							 
						 
						
							
							
								
								fix changelog  
							
							
							
						 
						
							2019-07-21 00:24:30 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								8cd51ca138 
								
							 
						 
						
							
							
								
								override local default to -fstack-protector-strong  
							
							... 
							
							
							
							This is a no-op on a toolchain compiled with the basic mitigations
enabled by default, so this is generally a no-op anywhere this project
is likely to be deployed. SSP has a very low performance cost so there's
little reason to avoid it, even though it also has zero value for this
code in practice. It would be great if one of the more modern approaches
was widely adopted, but unfortunately SSP is as good as it gets for
portable options. It doesn't provide any protection against external
writes to the stack data which is all that's really needed here.
ShadowCallStack is a great option for arm64, but it's substantially more
difficult to protect return addresses well on x86_64 due to the design of
the ISA and ABI. 
							
						 
						
							2019-07-21 00:22:52 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								e6ff9c7468 
								
							 
						 
						
							
							
								
								use -fstack-clash-protection for completeness  
							
							... 
							
							
							
							This is a no-op for the current code and will likely remain that way so
there's no benefit but also no performance cost. 
							
						 
						
							2019-07-21 00:22:43 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Patrick Schleizer 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								f3e201bac9 
								
							 
						 
						
							
							
								
								initial debian packaging  
							
							
							
						 
						
							2019-07-21 00:20:45 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								d80919fa1e 
								
							 
						 
						
							
							
								
								substantially raise the arbitrary arena limit  
							
							
							
						 
						
							2019-07-12 03:43:33 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								410e9efb93 
								
							 
						 
						
							
							
								
								extend configuration sanity checks  
							
							
							
						 
						
							2019-07-11 17:09:48 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								7bcfa500be 
								
							 
						 
						
							
							
								
								remove note about lack of sanity checks for config  
							
							
							
						 
						
							2019-07-11 15:50:45 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								72a08f88fb 
								
							 
						 
						
							
							
								
								supports Debian oldstable due to Buster release  
							
							
							
						 
						
							2019-07-10 18:08:14 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								a32e26b8e9 
								
							 
						 
						
							
							
								
								avoid trying to use mremap outside of Linux  
							
							
							
						 
						
							2019-07-05 21:59:44 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								934ab4cb59 
								
							 
						 
						
							
							
								
								explain extended size classes impact on quarantine  
							
							
							
						 
						
							2019-07-05 17:57:41 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								060f74b993 
								
							 
						 
						
							
							
								
								extended size classes now go up to 128k not 64k  
							
							
							
						 
						
							2019-07-05 17:55:25 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								4d4277319a 
								
							 
						 
						
							
							
								
								clarifications to randomization documentation  
							
							
							
						 
						
							2019-06-23 19:20:16 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								a579257a26 
								
							 
						 
						
							
							
								
								update libdivide to 1.1  
							
							
							
						 
						
							2019-06-23 00:39:35 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								bb65d088dc 
								
							 
						 
						
							
							
								
								drop default class region size to 32GiB  
							
							
							
						 
						
							2019-06-19 01:00:22 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								706c1970b5 
								
							 
						 
						
							
							
								
								add GitHub funding metadata  
							
							
							
						 
						
							2019-06-18 22:54:49 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								dba11c0091 
								
							 
						 
						
							
							
								
								fix warning with glibc from cfree  
							
							
							
						 
						
							2019-06-18 22:50:10 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								539d4f0d37 
								
							 
						 
						
							
							
								
								add extended size classes to offset test  
							
							
							
						 
						
							2019-06-18 15:51:28 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								bc75c4db7b 
								
							 
						 
						
							
							
								
								realloc: use copy_size to check for canaries  
							
							... 
							
							
							
							This avoids unnecessarily copying the canary when doing a realloc from a
small size to a large size. It also avoids trying to copy a non-existent
canary out of a zero-size allocation, which are memory protected. 
							
						 
						
							2019-06-17 00:28:10 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								37474e117c 
								
							 
						 
						
							
							
								
								limit precision for fragmentation in table  
							
							
							
						 
						
							2019-06-12 13:29:04 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								12525f2861 
								
							 
						 
						
							
							
								
								work around old glibc releases without threads.h  
							
							
							
						 
						
							2019-06-06 08:10:57 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								5449f4a94e 
								
							 
						 
						
							
							
								
								use safe_flag for -fno-plt  
							
							... 
							
							
							
							This isn't supported by the ancient Clang release in Debian Stable. 
							
						 
						
							2019-06-06 07:33:39 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								64a1f59020 
								
							 
						 
						
							
							
								
								note about getrandom with syscall whitelists  
							
							
							
						 
						
							2019-06-02 22:24:25 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								b40ba9754b 
								
							 
						 
						
							
							
								
								add malloc_info test  
							
							
							
						 
						
							2019-05-05 08:37:55 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								f6f4402ff3 
								
							 
						 
						
							
							
								
								expand test gitignore  
							
							
							
						 
						
							2019-05-05 08:37:55 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								2ae0ed4674 
								
							 
						 
						
							
							
								
								add large array growth test  
							
							
							
						 
						
							2019-05-05 08:37:55 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								ae4142c2d1 
								
							 
						 
						
							
							
								
								note that arenas are isolated from each other  
							
							
							
						 
						
							2019-04-23 02:01:44 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								18f36c3e8d 
								
							 
						 
						
							
							
								
								expand description of randomized delay free  
							
							
							
						 
						
							2019-04-23 01:59:31 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								7f0bbddfca 
								
							 
						 
						
							
							
								
								merge points about out-of-line / protected state  
							
							
							
						 
						
							2019-04-23 01:58:37 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								409a639312 
								
							 
						 
						
							
							
								
								provide working malloc_info outside Android too  
							
							
							
						 
						
							2019-04-19 16:56:07 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								494436c904 
								
							 
						 
						
							
							
								
								implement options handling for malloc_info  
							
							
							
						 
						
							2019-04-19 16:23:14 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								13ee04c8c3 
								
							 
						 
						
							
							
								
								fill CSPRNG caches lazily to speed up early init  
							
							
							
						 
						
							2019-04-15 07:23:30 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								a13db3fc68 
								
							 
						 
						
							
							
								
								initialize size class CSPRNGs from init CSPRNG  
							
							... 
							
							
							
							This avoids making a huge number of getrandom system calls during
initialization. The init CSPRNG is unmapped before initialization
finishes and these are still reseeded from the OS. The purpose of the
independent CSPRNGs is simply to avoid the massive performance hit of
synchronization and there's no harm in doing it this way.
Keeping around the init CSPRNG and reseeding from it would defeat the
purpose of reseeding, and it isn't a measurable performance issue since
it can just be tuned to reseed less often. 
							
						 
						
							2019-04-15 06:50:24 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								c7e2cb82f4 
								
							 
						 
						
							
							
								
								add generic get_random_bytes function  
							
							
							
						 
						
							2019-04-15 06:07:28 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								f115be8392 
								
							 
						 
						
							
							
								
								shrink initial region table size to fit in 1 page  
							
							
							
						 
						
							2019-04-15 00:04:00 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								e7eeb3f35c 
								
							 
						 
						
							
							
								
								avoid reading thread_local more than once  
							
							
							
						 
						
							2019-04-14 20:26:14 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								7e465c621e 
								
							 
						 
						
							
							
								
								use allocate_large directly in large remap path  
							
							
							
						 
						
							2019-04-14 19:46:22 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								1c899657c1 
								
							 
						 
						
							
							
								
								add is_init check to mallinfo functions  
							
							
							
						 
						
							2019-04-14 19:12:38 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								8774065b13 
								
							 
						 
						
							
							
								
								fix non-init size for malloc_object_size extension  
							
							
							
						 
						
							2019-04-14 19:01:25 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								84a25ec83e 
								
							 
						 
						
							
							
								
								fix build with CONFIG_STATS enabled  
							
							
							
						 
						
							2019-04-11 00:51:34 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								34b6754f70 
								
							 
						 
						
							
							
								
								enable CONFIG_STATS by default for Android  
							
							... 
							
							
							
							The tiny performance cost might as well be accepted now because this
will be needed for Android Q. It's also quite possible that some apps
make use of the features based on this including malloc_info. 
							
						 
						
							2019-04-10 17:12:17 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								d4b8fee1c4 
								
							 
						 
						
							
							
								
								allow using the largest slab allocation size  
							
							
							
						 
						
							2019-04-10 16:54:58 -04:00