security/hakurei.app
security/hakurei.app
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

document kernel hardware memory tagging

Browse Source
This commit is contained in:
Daniel Micay 2025-01-18 02:27:05 -05:00
parent 5c99612044
commit ad90326953
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
static/features.html
View File

@ -365,6 +365,13 @@
larger address space (48-bit instead of 39-bit) with larger address space (48-bit instead of 39-bit) with
significantly higher entropy Address Space Layout significantly higher entropy Address Space Layout
Randomization (33-bit instead of 24-bit).</li> Randomization (33-bit instead of 24-bit).</li>
<li>Basic hardware memory tagging is used in the main kernel
memory allocators (slab, page_alloc, non-executable vmalloc) to
provide probabilistic detection of all use-after-free and
inter-object overflows along with deterministic detection of
use-after-free until the memory is allocated again (we plan to
add deterministic detection of small/linear overflows like
hardened_malloc)</li>
<li>Random canaries with a leading zero are added to the <li>Random canaries with a leading zero are added to the
kernel heap (slub) to block C string overflows, absorb small kernel heap (slub) to block C string overflows, absorb small
overflows and detect linear overflows or other heap corruption overflows and detect linear overflows or other heap corruption