Skip to content

Commit 5e4c313

Browse files
committed
document kernel hardware memory tagging
1 parent 9a1aefe commit 5e4c313

File tree

1 file changed

+5
-0
lines changed

1 file changed

+5
-0
lines changed

static/features.html

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -365,6 +365,11 @@ <h4><a href="#exploit-mitigations">Exploit mitigations</a></h4>
365365
larger address space (48-bit instead of 39-bit) with
366366
significantly higher entropy Address Space Layout
367367
Randomization (33-bit instead of 24-bit).</li>
368+
<li>Basic hardware memory tagging is used in the main kernel
369+
memory allocators (slab, page_alloc, non-executable vmalloc) to
370+
provide probabilistic detection of all use-after-free and
371+
inter-object overflows (providing deterministic guarantees
372+
similar to our hardened_malloc implementation is planned)</li>
368373
<li>Random canaries with a leading zero are added to the
369374
kernel heap (slub) to block C string overflows, absorb small
370375
overflows and detect linear overflows or other heap corruption

0 commit comments

Comments
 (0)