Conversation

Patrick Walton
@pcwalton
TIL: The most popular 64-bit architecture in the world has a small address space. Kills any hope of never reusing malloc addresses.
Quote Tweet
Daniel Micay
@DanielMicay
Replying to @DanielMicay @pcwalton and 2 others
On arm64, you typically only have a 39-bit address space although it can be 48-bit like x86_64. The kernel takes half so it's really 38-bit or 47-bit. 38-bit is already far too small to use hardened_malloc with the normal configuration. 47-bit is 128 TiB which isn't limitless.
5
84
Daniel Micay
@DanielMicay
Replying to
@andy_kelley
and
@pcwalton
ARMv8.4 memory tagging is really sweet. It's currently only 4 bit so you only give up the top byte for it. It's ARMv8.3 pointer authentication that's super greedy for bits because you want as large of a signature as possible. With a 48-bit address space, not much room for that.
1
5
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
@andy_kelley
and
@pcwalton
I find memory tagging much more compelling because you can do strong deterministic mitigations. Can reserve a tag for free heap data, metadata, shadow stack, 16-byte granularity hardware canaries, etc. Choosing random tags is just a baseline. You can do a lot better than that.
1
3
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
@andy_kelley
and
@pcwalton
Memory tagging is essentially an approximation of memory safety at a low level. Pointer authentication protects pointers from being forged which is a much different thing. It's limiting what an attacker can do with memory corruption, not directly preventing it from happening.
1
Show replies