From 76d576dd290d13fd8709b163b6e87dc88f1cdfbb Mon Sep 17 00:00:00 2001 From: inference Date: Tue, 13 Jun 2023 12:54:27 +0100 Subject: [PATCH] Further detail compile-time options. --- security/hardened_malloc.adoc | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/security/hardened_malloc.adoc b/security/hardened_malloc.adoc index 3eb629d..f38bfcd 100644 --- a/security/hardened_malloc.adoc +++ b/security/hardened_malloc.adoc @@ -1,6 +1,6 @@ = GrapheneOS hardened_malloc -Version: 0.1.0.11 +Version: 0.1.0.12 This documentation contains instructions to use @@ -37,9 +37,19 @@ no impact on the security properties of hardened_malloc. * Minimum number of arenas: 1 * Maximum number of arenas: 256 +For extra security, `CONFIG_SEAL_METADATA=true` can be used in order to control whether Memory +Protection Keys are used to disable access to all writable allocator state outside of the memory +allocator code. It's currently disabled by default due to a significant performance cost for this +use case on current generation hardware. Whether or not this feature is enabled, the metadata is all +contained within an isolated memory region with high entropy random guard regions around it. + For low-memory systems, `VARIANT=light` can be used to compile the light variant of hardened_malloc, which sacrifices some security for much less memory usage. +For all compile-time options, see the +https://github.com/GrapheneOS/hardened_malloc#configuration[configuration section] of +hardened_malloc's extensive official documentation. + == Copy Compiled hardened_malloc Library `# cp out/libhardened_malloc.so `
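Review bot: In the second hunk's first added paragraph, "`CONFIG_SEAL_METADATA=true` can be used in order to control whether Memory Protection Keys are used" pairs a fixed value with wording that describes the option in general. With `=true` the setting enables metadata sealing, so say that directly, for example: "`CONFIG_SEAL_METADATA=true` can be set so that Memory Protection Keys are used to disable access to all writable allocator state outside of the memory allocator code." The following "It's currently disabled by default" would then read more clearly as "This option is disabled by default". The paragraph names a performance cost "on current generation hardware" but does not say what a reader should expect on a system without Memory Protection Keys; either add a sentence on that or point to the linked configuration section for it.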