GrapheneOS uses our hardened_malloc allocator (github.com/GrapheneOS/har) with all the optional security features enabled.
The optional slab quarantine features inherently need to use a substantial amount of memory in order to delay reuse of slab allocations as long as possible.
Conversation
Replying to
It's a hardware-based feature not available for on arm64.
ARMv8.4 memory tagging is a drastically more useful feature that's going to provide that minor functionality along with far more useful protection of the data itself. 16-byte granularity memory protection with 4-bit tags.
1
1
Replying to
CONFIG_SEAL_METADATA doesn't have significant benefits. It was mostly a proof of concept for the x86_64 MPK feature. ARMv8.4 MTE is far more useful since it can be used to catch all accesses of free memory, all sequential heap overflows and a high chance for other corruption.
1
1
Replying to
That's good to know! Are there any upcoming snapdragon CPUs that will support ARMv8.4? Perhaps it might even make it into the Pixel 6.
1
Replying to
I'd guess the Pixel 7. It's going to be extremely useful for hardened_malloc and we're currently looking for someone we can fund to work on implementing it via the QEMU implementation of ARMv8.4 MTE (memory tagging).