note that MPK-based hardening is off by default

This commit is contained in:
Daniel Micay 2018-11-03 03:11:59 -04:00
parent f2a7ccde75
commit f949698c7a

View File

@ -222,7 +222,8 @@ was a bit less important and if a core goal was finding latent bugs.
the library doesn't leak the address of writable state the library doesn't leak the address of writable state
* Allocator state is located within a dedicated region with high entropy * Allocator state is located within a dedicated region with high entropy
randomly sized guard regions around it randomly sized guard regions around it
* Protection via Memory Protection Keys (MPK) on x86\_64 * Protection via Memory Protection Keys (MPK) on x86\_64 (disabled by
default due to low benefit-cost ratio on top of baseline protections)
* [future] Protection via MTE on ARMv8.5+ * [future] Protection via MTE on ARMv8.5+
* Extension for retrieving the size of allocations with fallback * Extension for retrieving the size of allocations with fallback
to a sentinel for pointers not managed by the allocator to a sentinel for pointers not managed by the allocator