I'm working on integrating Memory Protection Keys (lwn.net/Articles/64379) into my hardened allocator for protecting the metadata. Unfortunately, I can't verify it works and has low enough overhead until I get access to a Skylake-SP CPU, so it will be stuck in a separate branch.
It's very easy to integrate since there are dedicated memory regions for metadata isolated from everything else. MPK allows toggling access to memory regions per-thread via a bit in a register, so the allocator can toggle metadata access on entry/exit.
Quote Tweet
Finished up the unified metadata region for my hardened allocator:
github.com/AndroidHardeni
It avoids reusing metadata address space for other purposes and vice versa along with having high entropy random guard regions. It will use Memory Protection Keys or memory tagging too.
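The entry/exit toggle described in the thread above, as an added example that is not from the thread or from the allocator's own code. It uses the Linux glibc wrappers `pkey_alloc`, `pkey_mprotect`, `pkey_set` and `pkey_get`; the names `meta_lock`, `meta_unlock`, `mpk_metadata_demo` and the 4096-byte region are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#define META_SIZE 4096 /* constructed size for the example metadata region */

static int meta_pkey = -1;

/* Hypothetical allocator entry/exit hooks: each rewrites only the calling
 * thread's rights for the key (on x86 a WRPKRU register write, no syscall). */
static int meta_unlock(void) { return pkey_set(meta_pkey, 0); }
static int meta_lock(void) { return pkey_set(meta_pkey, PKEY_DISABLE_ACCESS); }

/* Returns 1 if the toggle worked, 0 if MPK is unavailable, -1 on error. */
int mpk_metadata_demo(void)
{
    int ok = -1;
    unsigned char *meta = mmap(NULL, META_SIZE, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (meta == MAP_FAILED)
        return -1;

    /* Allocate a key whose initial rights already deny this thread access. */
    meta_pkey = pkey_alloc(0, PKEY_DISABLE_ACCESS);
    if (meta_pkey < 0) { /* no CPU or kernel support, or no free keys */
        munmap(meta, META_SIZE);
        return 0;
    }
    /* Tag the metadata pages with the key; page permissions stay RW. */
    if (pkey_mprotect(meta, META_SIZE, PROT_READ | PROT_WRITE, meta_pkey) == 0 &&
        meta_unlock() == 0) {                 /* allocator entry */
        memset(meta, 0xA5, 64);               /* metadata update */
        if (meta_lock() == 0 &&               /* allocator exit */
            (pkey_get(meta_pkey) & PKEY_DISABLE_ACCESS))
            ok = 1; /* touching meta now would raise SIGSEGV in this thread */
    }
    munmap(meta, META_SIZE);
    pkey_free(meta_pkey);
    meta_pkey = -1;
    return ok;
}

int main(void)
{
    printf("mpk_metadata_demo: %d\n", mpk_metadata_demo());
    return 0;
}
```

On a CPU or kernel without protection keys `pkey_alloc` fails and the function returns 0, which is the case a fallback path in an allocator has to handle.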
Is the Skylake SP only required for your programming and testing? Not for the blocks on the chain (users), right?
Pricey chip.
MPK is a fairly bleeding edge feature and hasn't trickled down to consumer CPUs. It's a simple way of adding a little bit more security to my hardened malloc implementation with a low performance cost. The possible hardening isn't the same across architectures and CPU revisions.

