From 3bd71421d109995b8b7e4e11c891ec58111f9ff1 Mon Sep 17 00:00:00 2001
From: Daniel Micay <daniel.micay@grapheneos.org>
Date: Fri, 14 Feb 2025 12:30:21 -0500
Subject: [PATCH] document early boot free memory zeroing

---
 static/features.html | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/static/features.html b/static/features.html
index 28daaa6b..23bd782a 100644
--- a/static/features.html
+++ b/static/features.html
@@ -387,6 +387,15 @@
                                     released retains data indefinitely until the memory is handed
                                     out for other uses and gets partially or fully overwritten by
                                     new data.</li>
+                                    <li>In early boot, all the memory not being used by the OS is
+                                    zeroed to get rid of any data leftover from a previous boot in
+                                    case zero-on-free didn't have the opportunity to clear it as
+                                    part of a clean reboot/shutdown. All the devices we support have
+                                    a reset attack protection feature we proposed zeroing memory for
+                                    firmware-based boot modes, but we need to finish it up by adding
+                                    it for the OS boot modes ourselves. Fully encrypted RAM with a
+                                    per-boot key cycled on reboots will eventually obsolete these
+                                    features for newer devices.</li>
                                     <li>Kernel stack allocations are zeroed to make most
                                     uninitialized data usage vulnerabilities harmless.</li>
                                     <li>Assorted attack surface reduction through disabling