On 28.11.24 10:08, Sascha Hauer wrote: > On Mon, Nov 25, 2024 at 04:20:21PM +0100, Ahmad Fatoum wrote: >> dummy malloc doesn't free and all allocations are in freshly sbrk()'d >> memory, which already zero. >> >> +config INIT_ON_ALLOC_DEFAULT_ON >> + bool "Enable heap memory zeroing on allocation by default" >> + depends on !MALLOC_LIBC >> + help >> + This has the effect of setting "init_on_alloc=1" on the kernel >> + command line. This can be disabled with "init_on_alloc=0". >> + When "init_on_alloc" is enabled, all page allocator and slab >> + allocator memory will be zeroed when allocated, eliminating >> + many kinds of "uninitialized heap memory" flaws, especially >> + heap content exposures. The performance impact varies by >> + workload, but most cases see <1% impact. Some synthetic >> + workloads have measured as high as 7%. >> + >> +config INIT_ON_FREE_DEFAULT_ON >> + bool "Enable heap memory zeroing on free by default" >> + depends on !MALLOC_DUMMY && !MALLOC_LIBC >> + help >> + This has the effect of setting "init_on_free=1" on the kernel >> + command line. This can be disabled with "init_on_free=0". >> + Similar to "init_on_alloc", when "init_on_free" is enabled, >> + all page allocator and slab allocator memory will be zeroed >> + when freed, eliminating many kinds of "uninitialized heap memory" >> + flaws, especially heap content exposures. The primary difference >> + with "init_on_free" is that data lifetime in memory is reduced, >> + as anything freed is wiped immediately, making live forensics or >> + cold boot memory attacks unable to recover freed memory contents. >> + The performance impact varies by workload, but is more expensive >> + than "init_on_alloc" due to the negative cache effects of >> + touching "cold" memory areas. Most cases see 3-5% impact. Some >> + synthetic workloads have measured as high as 8%. > > These verbatim copies of the kernel help texts do not seem appropriate > for barebox. Agreed. I was intending to change them, but forgot about it :/ Will fix in v2. > > Sascha > -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
