* [ISSUE] Package Request: Hardened Malloc
@ 2021-09-11 6:22 apirusKde
2021-09-11 6:26 ` apirusKde
` (6 more replies)
0 siblings, 7 replies; 8+ messages in thread
From: apirusKde @ 2021-09-11 6:22 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 606 bytes --]
New issue by apirusKde on void-packages repository
https://github.com/void-linux/void-packages/issues/32913
Description:
Please provide the *GrapheneOS hardened malloc* package, compiled with these flags so that it doesnt break app compatibility such as xorg, browsers, etc. (These are the flags that whonix *KICKSECURE'S BUILD* uses when it builds the hardened malloc) Without them everything would break because of linux.
dh_auto_build -- libhardened_malloc.so CONFIG_NATIVE=false CC=$(CC) CONFIG_SLAB_QUARANTINE_RANDOM_LENGTH=0 CONFIG_SLAB_QUARANTINE_QUEUE_LENGTH=0 CONFIG_GUARD_SLABS_INTERVAL=8
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Package Request: Hardened Malloc
2021-09-11 6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
@ 2021-09-11 6:26 ` apirusKde
2021-09-11 9:50 ` apirusKde
` (5 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: apirusKde @ 2021-09-11 6:26 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 379 bytes --]
New comment by apirusKde on void-packages repository
https://github.com/void-linux/void-packages/issues/32913#issuecomment-917351510
Comment:
Also make it automatically set /etc/lib.so.preload file to this: /usr/lib/libhardened_malloc.so/libhardened_malloc.so
To be able to use it after installation.
Or even better, make it replace the default malloc upon installation
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Package Request: Hardened Malloc
2021-09-11 6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
2021-09-11 6:26 ` apirusKde
@ 2021-09-11 9:50 ` apirusKde
2021-09-12 10:09 ` apirusKde
` (4 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: apirusKde @ 2021-09-11 9:50 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 497 bytes --]
New comment by apirusKde on void-packages repository
https://github.com/void-linux/void-packages/issues/32913#issuecomment-917377999
Comment:
Original/ GrapheneOS Github:
https://github.com/GrapheneOS/hardened_malloc
Whonix:
https://www.whonix.org/wiki/Hardened_Malloc
Note: Nothing has ever broke when ive used the hardened malloc compiled in the way stated above, or stated inside the whonix wiki.
Whonix/ Kicksecure - Github:
https://github.com/Whonix/hardened_malloc
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Package Request: Hardened Malloc
2021-09-11 6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
2021-09-11 6:26 ` apirusKde
2021-09-11 9:50 ` apirusKde
@ 2021-09-12 10:09 ` apirusKde
2021-09-13 15:49 ` apirusKde
` (3 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: apirusKde @ 2021-09-12 10:09 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 298 bytes --]
New comment by apirusKde on void-packages repository
https://github.com/void-linux/void-packages/issues/32913#issuecomment-917605440
Comment:
Nice article, another reference to help you implement the package:
https://madaidans-insecurities.github.io/guides/linux-hardening.html#hardened-malloc
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Package Request: Hardened Malloc
2021-09-11 6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
` (2 preceding siblings ...)
2021-09-12 10:09 ` apirusKde
@ 2021-09-13 15:49 ` apirusKde
2021-09-13 16:30 ` [ISSUE] [CLOSED] " q66
` (2 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: apirusKde @ 2021-09-13 15:49 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 326 bytes --]
New comment by apirusKde on void-packages repository
https://github.com/void-linux/void-packages/issues/32913#issuecomment-918329123
Comment:
Also this package could be used by default in void linux (it is used in kicksecure whonix by default) . Performance loss is none/~1%, no breakages. (When compilled with those flags)
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [ISSUE] [CLOSED] Package Request: Hardened Malloc
2021-09-11 6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
` (3 preceding siblings ...)
2021-09-13 15:49 ` apirusKde
@ 2021-09-13 16:30 ` q66
2021-09-13 16:30 ` q66
2021-09-14 12:24 ` apirusKde
6 siblings, 0 replies; 8+ messages in thread
From: q66 @ 2021-09-13 16:30 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 609 bytes --]
Closed issue by apirusKde on void-packages repository
https://github.com/void-linux/void-packages/issues/32913
Description:
Please provide the *GrapheneOS hardened malloc* package, compiled with these flags so that it doesnt break app compatibility such as xorg, browsers, etc. (These are the flags that whonix *KICKSECURE'S BUILD* uses when it builds the hardened malloc) Without them everything would break because of linux.
dh_auto_build -- libhardened_malloc.so CONFIG_NATIVE=false CC=$(CC) CONFIG_SLAB_QUARANTINE_RANDOM_LENGTH=0 CONFIG_SLAB_QUARANTINE_QUEUE_LENGTH=0 CONFIG_GUARD_SLABS_INTERVAL=8
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Package Request: Hardened Malloc
2021-09-11 6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
` (4 preceding siblings ...)
2021-09-13 16:30 ` [ISSUE] [CLOSED] " q66
@ 2021-09-13 16:30 ` q66
2021-09-14 12:24 ` apirusKde
6 siblings, 0 replies; 8+ messages in thread
From: q66 @ 2021-09-13 16:30 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 329 bytes --]
New comment by q66 on void-packages repository
https://github.com/void-linux/void-packages/issues/32913#issuecomment-918366281
Comment:
we're not going to change the default malloc
for musl mallocng in 1.2.x already obsoletes this anyway as far as I know, and if you want a better allocator in glibc, take it up with glibc
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Package Request: Hardened Malloc
2021-09-11 6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
` (5 preceding siblings ...)
2021-09-13 16:30 ` q66
@ 2021-09-14 12:24 ` apirusKde
6 siblings, 0 replies; 8+ messages in thread
From: apirusKde @ 2021-09-14 12:24 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 233 bytes --]
New comment by apirusKde on void-packages repository
https://github.com/void-linux/void-packages/issues/32913#issuecomment-919099353
Comment:
Well for musl it might be obsolete, but i would like it implemented in the glibc version
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2021-09-14 12:24 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-11 6:22 [ISSUE] Package Request: Hardened Malloc apirusKde
2021-09-11 6:26 ` apirusKde
2021-09-11 9:50 ` apirusKde
2021-09-12 10:09 ` apirusKde
2021-09-13 15:49 ` apirusKde
2021-09-13 16:30 ` [ISSUE] [CLOSED] " q66
2021-09-13 16:30 ` q66
2021-09-14 12:24 ` apirusKde
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).