mirror of
https://github.com/GrapheneOS/hardened_malloc.git
synced 2024-12-11 17:04:32 -05:00
document progress on protected allocator state
This commit is contained in:
parent
da6fd5b5ef
commit
3504465584
10
README.md
10
README.md
@ -155,10 +155,14 @@ allocation and then unmapped on free.
|
|||||||
* Possible slab locations are skipped and remain memory protected, leaving slab
|
* Possible slab locations are skipped and remain memory protected, leaving slab
|
||||||
size class regions interspersed with guard pages
|
size class regions interspersed with guard pages
|
||||||
* Zero size allocations are memory protected
|
* Zero size allocations are memory protected
|
||||||
* Protected allocator metadata
|
* Protected allocator state (including all metadata)
|
||||||
* Address space for metadata is entirely reserved during initialization and
|
* Address space for state is entirely reserved during initialization and
|
||||||
never reused for allocations or anything else
|
never reused for allocations or anything else
|
||||||
* [implementing stronger protection is in-progress]
|
* State within global variables is entirely read-only after initialization
|
||||||
|
with pointers to the isolated allocator state so leaking the address of
|
||||||
|
the library doesn't leak the address of writable state
|
||||||
|
* [in-progress] Protection via Memory Protection Keys (MPK) on x86\_64
|
||||||
|
* [implementing stronger state protection is in-progress]
|
||||||
* Extension for retrieving the size of allocations with fallback
|
* Extension for retrieving the size of allocations with fallback
|
||||||
to a sentinel for pointers not managed by the allocator
|
to a sentinel for pointers not managed by the allocator
|
||||||
* Can also return accurate values for pointers *within* small allocations
|
* Can also return accurate values for pointers *within* small allocations
|
||||||
|
Loading…
Reference in New Issue
Block a user