提交 66a68b0b 编写于 作者: J Joel Stanley

ARM: config: aspeed: Enable hardened allocator feature

SLAB_FREELIST_HARDENED can protect from freelist overwrite attacks with
really small overhead.

It works best with the SLUB allocator, so make SLUB the default by
removing SLAB=y.

      total   used           free           shared        buff/cache    available
SLAB  425596  44065.3+/-220  311099+/-3800  14864+/-3900  70432+/-3700  352767+/-3900

SLUB  425592  44225.3+/-280  313275+/-600   12132+/-3.3   68092+/-530   355295+/-280

These figures are the average memory usage from three boots of each
option in qemu, running the Romulus userspace. The output is from
free(1), reported in kilobytes.
Signed-off-by: NJoel Stanley <joel@jms.id.au>
Reviewed-by: NAndrew Jeffery <andrew@aj.id.au>
Link: https://lore.kernel.org/r/20210819065203.2620911-2-joel@jms.id.auSigned-off-by: NJoel Stanley <joel@jms.id.au>
上级 2734d6c1
...@@ -18,8 +18,8 @@ CONFIG_BPF_SYSCALL=y ...@@ -18,8 +18,8 @@ CONFIG_BPF_SYSCALL=y
CONFIG_EMBEDDED=y CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y CONFIG_PERF_EVENTS=y
# CONFIG_COMPAT_BRK is not set # CONFIG_COMPAT_BRK is not set
CONFIG_SLAB=y
CONFIG_SLAB_FREELIST_RANDOM=y CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB_FREELIST_HARDENED=y
# CONFIG_ARCH_MULTI_V7 is not set # CONFIG_ARCH_MULTI_V7 is not set
CONFIG_ARCH_ASPEED=y CONFIG_ARCH_ASPEED=y
CONFIG_MACH_ASPEED_G4=y CONFIG_MACH_ASPEED_G4=y
......
...@@ -18,8 +18,8 @@ CONFIG_BPF_SYSCALL=y ...@@ -18,8 +18,8 @@ CONFIG_BPF_SYSCALL=y
CONFIG_EMBEDDED=y CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y CONFIG_PERF_EVENTS=y
# CONFIG_COMPAT_BRK is not set # CONFIG_COMPAT_BRK is not set
CONFIG_SLAB=y
CONFIG_SLAB_FREELIST_RANDOM=y CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB_FREELIST_HARDENED=y
CONFIG_ARCH_MULTI_V6=y CONFIG_ARCH_MULTI_V6=y
CONFIG_ARCH_ASPEED=y CONFIG_ARCH_ASPEED=y
CONFIG_MACH_ASPEED_G5=y CONFIG_MACH_ASPEED_G5=y
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册