
Some initial documentation for my new hardened malloc implementation: github.com/AndroidHardeni It's still in an early state of development with major parts of the core design and many security features not yet implemented. It should work with nearly any program already, though.
Similarly, it can't offer the same kind of fine-grained randomization. One of the biggest differences is that the design I'm using is isolating each size class with a unique random base within the outer reserved region rather than a dlmalloc-style allocator mixing it together.
Metadata is entirely out-of-line with no deterministic offsets to it and similarly there are no deterministic offsets between size classes. Address space is reserved for a size class and never reused for another. It's a bit like PartitionAlloc, but with much stronger isolation.