Github messages for voidlinux
 help / color / mirror / Atom feed
* [ISSUE] Package Request: Hardened Malloc
@ 2021-09-11  6:22 apirusKde
  2021-09-11  6:26 ` apirusKde
                   ` (6 more replies)
  0 siblings, 7 replies; 8+ messages in thread
From: apirusKde @ 2021-09-11  6:22 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 606 bytes --]

New issue by apirusKde on void-packages repository

https://github.com/void-linux/void-packages/issues/32913

Description:
Please provide the *GrapheneOS hardened malloc* package, compiled with these flags so that it doesnt break app compatibility such as xorg, browsers, etc. (These are the flags that whonix *KICKSECURE'S BUILD* uses when it builds the hardened malloc) Without them everything would break because of linux. 

 dh_auto_build -- libhardened_malloc.so CONFIG_NATIVE=false CC=$(CC) CONFIG_SLAB_QUARANTINE_RANDOM_LENGTH=0 CONFIG_SLAB_QUARANTINE_QUEUE_LENGTH=0 CONFIG_GUARD_SLABS_INTERVAL=8

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Package Request: Hardened Malloc
  2021-09-11  6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
@ 2021-09-11  6:26 ` apirusKde
  2021-09-11  9:50 ` apirusKde
                   ` (5 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: apirusKde @ 2021-09-11  6:26 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 379 bytes --]

New comment by apirusKde on void-packages repository

https://github.com/void-linux/void-packages/issues/32913#issuecomment-917351510

Comment:
Also make it automatically set /etc/lib.so.preload file to this: /usr/lib/libhardened_malloc.so/libhardened_malloc.so

To be able to use it after installation. 

Or even better, make it replace the default malloc upon installation

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Package Request: Hardened Malloc
  2021-09-11  6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
  2021-09-11  6:26 ` apirusKde
@ 2021-09-11  9:50 ` apirusKde
  2021-09-12 10:09 ` apirusKde
                   ` (4 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: apirusKde @ 2021-09-11  9:50 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 497 bytes --]

New comment by apirusKde on void-packages repository

https://github.com/void-linux/void-packages/issues/32913#issuecomment-917377999

Comment:
Original/ GrapheneOS Github:
https://github.com/GrapheneOS/hardened_malloc



Whonix:
https://www.whonix.org/wiki/Hardened_Malloc

Note: Nothing has ever broke when ive used the hardened malloc compiled in the way stated above, or stated inside the whonix wiki.



Whonix/ Kicksecure - Github:
https://github.com/Whonix/hardened_malloc



^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Package Request: Hardened Malloc
  2021-09-11  6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
  2021-09-11  6:26 ` apirusKde
  2021-09-11  9:50 ` apirusKde
@ 2021-09-12 10:09 ` apirusKde
  2021-09-13 15:49 ` apirusKde
                   ` (3 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: apirusKde @ 2021-09-12 10:09 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 298 bytes --]

New comment by apirusKde on void-packages repository

https://github.com/void-linux/void-packages/issues/32913#issuecomment-917605440

Comment:
Nice article, another reference to help you implement the package: 
https://madaidans-insecurities.github.io/guides/linux-hardening.html#hardened-malloc

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Package Request: Hardened Malloc
  2021-09-11  6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
                   ` (2 preceding siblings ...)
  2021-09-12 10:09 ` apirusKde
@ 2021-09-13 15:49 ` apirusKde
  2021-09-13 16:30 ` q66
                   ` (2 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: apirusKde @ 2021-09-13 15:49 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 326 bytes --]

New comment by apirusKde on void-packages repository

https://github.com/void-linux/void-packages/issues/32913#issuecomment-918329123

Comment:
Also this package could be used by default in void linux (it is used in kicksecure whonix by default) . Performance loss is none/~1%, no breakages. (When compilled with those flags)

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [ISSUE] [CLOSED] Package Request: Hardened Malloc
  2021-09-11  6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
                   ` (4 preceding siblings ...)
  2021-09-13 16:30 ` q66
@ 2021-09-13 16:30 ` q66
  2021-09-14 12:24 ` apirusKde
  6 siblings, 0 replies; 8+ messages in thread
From: q66 @ 2021-09-13 16:30 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 609 bytes --]

Closed issue by apirusKde on void-packages repository

https://github.com/void-linux/void-packages/issues/32913

Description:
Please provide the *GrapheneOS hardened malloc* package, compiled with these flags so that it doesnt break app compatibility such as xorg, browsers, etc. (These are the flags that whonix *KICKSECURE'S BUILD* uses when it builds the hardened malloc) Without them everything would break because of linux. 

 dh_auto_build -- libhardened_malloc.so CONFIG_NATIVE=false CC=$(CC) CONFIG_SLAB_QUARANTINE_RANDOM_LENGTH=0 CONFIG_SLAB_QUARANTINE_QUEUE_LENGTH=0 CONFIG_GUARD_SLABS_INTERVAL=8

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Package Request: Hardened Malloc
  2021-09-11  6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
                   ` (3 preceding siblings ...)
  2021-09-13 15:49 ` apirusKde
@ 2021-09-13 16:30 ` q66
  2021-09-13 16:30 ` [ISSUE] [CLOSED] " q66
  2021-09-14 12:24 ` apirusKde
  6 siblings, 0 replies; 8+ messages in thread
From: q66 @ 2021-09-13 16:30 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 329 bytes --]

New comment by q66 on void-packages repository

https://github.com/void-linux/void-packages/issues/32913#issuecomment-918366281

Comment:
we're not going to change the default malloc

for musl mallocng in 1.2.x already obsoletes this anyway as far as I know, and if you want a better allocator in glibc, take it up with glibc 

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Package Request: Hardened Malloc
  2021-09-11  6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
                   ` (5 preceding siblings ...)
  2021-09-13 16:30 ` [ISSUE] [CLOSED] " q66
@ 2021-09-14 12:24 ` apirusKde
  6 siblings, 0 replies; 8+ messages in thread
From: apirusKde @ 2021-09-14 12:24 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 233 bytes --]

New comment by apirusKde on void-packages repository

https://github.com/void-linux/void-packages/issues/32913#issuecomment-919099353

Comment:
Well for musl it might be obsolete, but i would like it implemented in the glibc version

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2021-09-14 12:24 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-11  6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
2021-09-11  6:26 ` apirusKde
2021-09-11  9:50 ` apirusKde
2021-09-12 10:09 ` apirusKde
2021-09-13 15:49 ` apirusKde
2021-09-13 16:30 ` q66
2021-09-13 16:30 ` [ISSUE] [CLOSED] " q66
2021-09-14 12:24 ` apirusKde

Github messages for voidlinux

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://inbox.vuxu.org/voidlinux-github

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V1 voidlinux-github voidlinux-github/ https://inbox.vuxu.org/voidlinux-github \
		voidlinux-github@inbox.vuxu.org
	public-inbox-index voidlinux-github

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.vuxu.org/vuxu.github.voidlinux


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git