GrapheneOS uses our hardened_malloc allocator (github.com/GrapheneOS/har) with all the optional security features enabled.
The optional slab quarantine features inherently need to use a substantial amount of memory in order to delay reuse of slab allocations as long as possible.
It's a hardware-based feature not available on arm64.
ARMv8.4 memory tagging is a drastically more useful feature that's going to provide that minor functionality along with far more useful protection of the data itself. 16-byte granularity memory protection with 4-bit tags.
CONFIG_SEAL_METADATA doesn't have significant benefits. It was mostly a proof of concept for the x86_64 MPK feature. ARMv8.4 MTE is far more useful since it can be used to catch all accesses of free memory, all sequential heap overflows and a high chance for other corruption.
That's good to know! Are there any upcoming Snapdragon CPUs that will support ARMv8.4? Perhaps it might even make it into the Pixel 6.
I'd guess the Pixel 7. It's going to be extremely useful for hardened_malloc and we're currently looking for someone we can fund to work on implementing it via the QEMU implementation of ARMv8.4 MTE (memory tagging).
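
A software model of the tag check discussed in the thread (16-byte granules, 4-bit tags), added here as an example and not code from hardened_malloc or GrapheneOS. The slot size, the function names and the tagging policy (tag 0 for free memory, neighbouring slots always tagged differently) are assumptions made for illustration; no real MTE instructions are used.

```c
#include <stdint.h>

#define GRANULE   16u                    /* bytes covered by one tag */
#define SLOT_SIZE 32u                    /* constructed slab size class */
#define NSLOTS    8u
#define GPS       (SLOT_SIZE / GRANULE)  /* granules per slot */

static uint8_t granule_tag[NSLOTS * GPS]; /* 4-bit tag stored per granule; 0 = free */
static uint8_t last_tag[NSLOTS];          /* last tag handed out for each slot */

/* Modelled tagged pointer: tag in bits 59:56, heap offset in the low bits. */
static uint64_t make_ptr(uint8_t tag, uint64_t off) { return ((uint64_t)tag << 56) | off; }
uint8_t ptr_tag(uint64_t p) { return (uint8_t)((p >> 56) & 0xF); }
static uint64_t ptr_off(uint64_t p) { return p & ((1ULL << 56) - 1); }

static void tag_slot(unsigned slot, uint8_t tag) {
    for (unsigned g = 0; g < GPS; g++) granule_tag[slot * GPS + g] = tag;
}

/* 1 if a one-byte access through p passes the tag check, 0 if it would fault. */
int mte_check(uint64_t p) {
    uint64_t off = ptr_off(p);
    return off < NSLOTS * SLOT_SIZE && granule_tag[off / GRANULE] == ptr_tag(p);
}

/* Assumed policy: pick a nonzero tag that differs from the slot's previous
   tag and from both neighbouring slots. Non-adjacent slots may share a tag. */
uint64_t mte_alloc(unsigned slot) {
    uint8_t left  = slot > 0 ? granule_tag[(slot - 1) * GPS] : 0;
    uint8_t right = slot + 1 < NSLOTS ? granule_tag[(slot + 1) * GPS] : 0;
    uint8_t t = last_tag[slot];
    do { t = (uint8_t)(t % 15 + 1); } while (t == left || t == right);
    last_tag[slot] = t;
    tag_slot(slot, t);
    return make_ptr(t, (uint64_t)slot * SLOT_SIZE);
}

/* Free retags the slot to 0, so every stale pointer to it mismatches. */
void mte_free(uint64_t p) { tag_slot((unsigned)(ptr_off(p) / SLOT_SIZE), 0); }

int main(void) {
    uint64_t a = mte_alloc(0), b = mte_alloc(1);
    int overflow_caught = !mte_check(a + SLOT_SIZE);  /* a runs into b */
    mte_free(a);
    int uaf_caught = !mte_check(a);                   /* stale pointer */
    return (overflow_caught && uaf_caught && mte_check(b)) ? 0 : 1;
}
```

In this model the sequential overflow and the access after free are caught deterministically, while an access through a pointer into a non-adjacent slot is caught only when the two tags happen to differ.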

