- Inferencium-
-
- - - - - - - -
This documentation contains instructions to use GrapheneOS hardened_malloc - memory allocator as the system's default memory allocator. These instructions apply to both musl - and glibc C libraries on Unix-based and Unix-like systems. hardened_malloc can also be used - per-application and/or per-user, in which case root permissions are not required; this - documentation focuses on system-wide usage of hardened_malloc, assumes root privileges, and - assumes the compiled library will be located in a path readable by all users of the system.
+ memory allocator as the system's default memory allocator. These instructions apply to + both musl and glibc C libraries on Unix-based and Unix-like systems. hardened_malloc can + also be used per-application and/or per-user, in which case root permissions are not + required; this documentation focuses on system-wide usage of hardened_malloc, assumes + root privileges, and assumes the compiled library will be located in a path readable by + all users of the system.For the complete hardened_malloc documentation, visit its - official documentation.
+ official documentation.This documentation is also available in portable AsciiDoc format in my documentation source code repository.
Add vm.max_map_count = 1048576 to /etc/sysctl.conf
- to accommodate hardened_malloc’s large amount of guard pages.
Add vm.max_map_count = 1048576 to
+ /etc/sysctl.conf to accommodate hardened_malloc's large
+ amount of guard pages.
$ make <arguments>
CONFIG_N_ARENA=n can be adjusted to increase parallel
- performance at the expense of memory usage, or decrease memory usage at the
- expense of parallel performance, where n is an integer. Higher values
- prefer parallel performance, lower values prefer lower memory usage. The number
- of arenas has no impact on the security properties of hardened_malloc.
+
$ make <arguments>
CONFIG_N_ARENA=n can be adjusted to increase
+ parallel performance at the expense of memory usage, or decrease memory
+ usage at the expense of parallel performance, where n is an
+ integer. Higher values prefer parallel performance, lower values prefer
+ lower memory usage. The number of arenas has no impact on the security
+ properties of hardened_malloc.
For extra security, CONFIG_SEAL_METADATA=true can be used in
- order to control whether Memory Protection Keys are used to disable access to
- all writable allocator state outside of the memory allocator code. It’s
- currently disabled by default due to a significant performance cost for this use
- case on current generation hardware. Whether or not this feature is enabled, the
- metadata is all contained within an isolated memory region with high entropy
- random guard regions around it.
For low-memory systems, VARIANT=light can be used to compile the
- light variant of hardened_malloc, which sacrifices some security for much less
- memory usage.
For extra security, CONFIG_SEAL_METADATA=true can be
+ used in order to control whether Memory Protection Keys are used to
+ disable access to all writable allocator state outside of the memory
+ allocator code. It's currently disabled by default due to a significant
+ performance cost for this use case on current generation hardware.
+ Whether or not this feature is enabled, the metadata is all contained
+ within an isolated memory region with high entropy random guard regions
+ around it.
For low-memory systems, VARIANT=light can be used to
+ compile the light variant of hardened_malloc, which sacrifices some
+ security for much less memory usage.
For all compile-time options, see the configuration section - of hardened_malloc’s extensive official documentation.
+ of hardened_malloc's extensive official documentation.# cp out/libhardened_malloc.so <target path>
# cp out/libhardened_malloc.so <target path>
musl-based systems: Add export LD_PRELOAD="<hardened_malloc path>"
- to /etc/environment
- glibc-based systems: Add <hardened_malloc path> to /etc/ld.so.preload
+
export LD_PRELOAD="<hardened_malloc path>"
+ to /etc/environment<hardened_malloc path> to
+ /etc/ld.so.preload