File tree Expand file tree Collapse file tree 1 file changed +5
-0
lines changed Expand file tree Collapse file tree 1 file changed +5
-0
lines changed Original file line number Diff line number Diff line change @@ -365,6 +365,11 @@ <h4><a href="#exploit-mitigations">Exploit mitigations</a></h4>
365
365
larger address space (48-bit instead of 39-bit) with
366
366
significantly higher entropy Address Space Layout
367
367
Randomization (33-bit instead of 24-bit).</ li >
368
+ < li > Basic hardware memory tagging is used in the main kernel
369
+ memory allocators (slab, page_alloc, non-executable vmalloc) to
370
+ provide probabilistic detection of all use-after-free and
371
+ inter-object overflows (providing deterministic guarantees
372
+ similar to our hardened_malloc implementation is planned)</ li >
368
373
< li > Random canaries with a leading zero are added to the
369
374
kernel heap (slub) to block C string overflows, absorb small
370
375
overflows and detect linear overflows or other heap corruption
You can’t perform that action at this time.
0 commit comments