Conversation

github.com/AndroidHardeni uses it for a relatively unimportant security feature. It's not enabled by default because MPK performed much worse than I expected and I don't think it's worth the cost in this case. I also found a serious bug in the Linux kernel implementation of MPK.
I implemented the feature for github.com/AndroidHardeni partly as a proof of concept for MPK. The performance on AWS was awful though. Toggling it on and off is comparable to locking and unlocking a mutex. I think it might have been way faster before assorted Spectre fixes, etc.
Yeah, the measurable performance cost should only be when toggling it on. I'm used to arm64 where execute-only mappings are part of the standard memory permissions, although I still don't think the vanilla Linux kernel exposes it to userspace... but it's just a one-line change.