Update webpage "Documentation - hardened_malloc" from version 1.0.2+21 to 1.0.3

2023-11-16 21:38:08 +00:00 · 2023-11-16 21:38:08 +00:00 · 366423c86a
commit 366423c86a
parent 557e052b27
1 changed files with 69 additions and 83 deletions
--- a/documentation/hardened_malloc.html
+++ b/documentation/hardened_malloc.html
@ -1,26 +1,23 @@
 <!DOCTYPE html>
 <!-- Inferencium - Website - Documentation - GrapheneOS hardened_malloc -->
 <!-- Version: 1.0.3 -->
 <!-- Copyright 2023 Jake Winters -->
 <!-- SPDX-License-Identifier: BSD-3-Clause -->
 <!-- Version: 1.0.2+21 -->
-
+<html lang="en">
 <html>
 		<head>
 				<meta charset="utf-8"/>
 				<meta name="viewport" content="width=device-width, initial-scale=1"/>
 				<link rel="stylesheet" href="../main.css"/>
 				<title>Inferencium - Documentation - GrapheneOS hardened_malloc</title>
 				<link rel="stylesheet" href=../main.css>
 				<meta name="viewport" content="width=device-width, initial-scale=1">
 		</head>
 		<body>
-				<!-- Navigation bar -->
+				<nav class="nav-bar">
-				<div class="sidebar">
+						<div><a href="../index.html"><img src="../asset/img/logo-inferencium-no_text.png" width="110px" height="110px"/></a></div>
-						<a href="../index.html"><img src="../asset/img/logo-inferencium-no_text.png" width="110px" height="110px"></a>
+						<div><a href="../index.html" class="title">Inferencium</a></div>
 						<a href="../index.html" class="title">Inferencium</a><br>
 						<br>
 						<br>
 						<div><a href="../about.html">About</a></div>
 						<div><a href="../contact.html">Contact</a></div>
 						<div><a href="../blog.html">Blog</a></div>
@ -28,7 +25,7 @@
 						<div><a href="../source.html">Source</a></div>
 						<div><a href="../key.html">Key</a></div>
 						<div><a href="../changelog.html">Changelog</a></div>
-				</div>
+				</nav>
 				<section id="introduction">
 						<h1 id="introduction"><a href="#introduction">Documentation - GrapheneOS hardened_malloc</a></h1>
 								<p>This documentation contains instructions to use
@ -44,8 +41,7 @@
 								<p>This documentation is also available in portable AsciiDoc format in my
 								<a href="https://src.inferencium.net/Inferencium/doc/src/branch/stable/security/hardened_malloc.adoc">documentation source code repository</a>.
 				</section>
-								<!-- Table of contents -->
+				<nav id="toc">
 								<section id="toc">
 						<h2 id="toc"><a href="#toc">Table of Contents<a/></h2>
 								<ul>
 										<li><a href="#memory_pages">Increase Permitted Amount of Memory Pages</a></li>
@ -55,12 +51,12 @@
 										<li><a href="#copy_library">Copy Compiled hardened_malloc Library</a></li>
 										<li><a href="#preload_on_boot">Set System to Preload hardened_malloc on Boot</a></li>
 								</ul>
-								</section>
+				</nav>
 				<section id="memory_pages">
 						<h2 id="memory_pages"><a href="#memory_pages">Increase Permitted Amount of Memory Pages</a></h2>
 								<p>Add <code>vm.max_map_count = 1048576</code> to
-												<code>/etc/sysctl.conf</code> to accommodate hardened_malloc's large
+								<code>/etc/sysctl.conf</code> to accommodate hardened_malloc's large amount of guard
-												amount of guard pages.</p>
+								pages.</p>
 				</section>
 				<section id="clone_source_code">
 						<h2 id="clone_source_code"><a href="#clone_source_code">Clone hardened_malloc Source Code</a></h2>
@ -73,27 +69,22 @@
 				<section id="compile">
 						<h2 id="compile"><a href="#compile">Compile hardened_malloc</a></h2>
 								<p><p><code>$ make <var>&lt;arguments&gt;</var></code></p>
-												<p><code>CONFIG_N_ARENA=<var>n</var></code> can be adjusted to increase
+								<p><code>CONFIG_N_ARENA=<var>n</var></code> can be adjusted to increase parallel
-												parallel performance at the expense of memory usage, or decrease memory
+								performance at the expense of memory usage, or decrease memory usage at the expense of
-												usage at the expense of parallel performance, where <var>n</var> is an
+								parallel performance, where <var>n</var> is an integer. Higher values prefer parallel
-												integer. Higher values prefer parallel performance, lower values prefer
+								performance, lower values prefer lower memory usage. The number of arenas has no impact
-												lower memory usage. The number of arenas has no impact on the security
+								on the security properties of hardened_malloc.<br>
-												properties of hardened_malloc.
+								<b>Minimum number of arenas:</b> 1<br>
-												<ul>
+								<b>Maximum number of arenas:</b> 256</p>
-														<li>Minimum number of arenas: 1</li>
+								<p>For extra security, <code>CONFIG_SEAL_METADATA=true</code> can be used in order to
-														<li>Maximum number of arenas: 256</li>
+								control whether Memory Protection Keys are used to disable access to all writable
-												</ul>
+								allocator state outside of the memory allocator code. It's currently disabled by default
-												<p>For extra security, <code>CONFIG_SEAL_METADATA=true</code> can be
+								due to a significant performance cost for this use case on current generation hardware.
-												used in order to control whether Memory Protection Keys are used to
+								Whether or not this feature is enabled, the metadata is all contained within an isolated
-												disable access to all writable allocator state outside of the memory
+								memory region with high entropy random guard regions around it.</p>
-												allocator code. It's currently disabled by default due to a significant
+								<p>For low-memory systems, <code>VARIANT=light</code> can be used to compile the light
-												performance cost for this use case on current generation hardware.
+								variant of hardened_malloc, which sacrifices some security for much less memory
-												Whether or not this feature is enabled, the metadata is all contained
+								usage.</p>
 												within an isolated memory region with high entropy random guard regions
 												around it.</p>
 												<p>For low-memory systems, <code>VARIANT=light</code> can be used to
 												compile the light variant of hardened_malloc, which sacrifices some
 												security for much less memory usage.</p>
 								<p>For all compile-time options, see the
 								<a href="https://github.com/GrapheneOS/hardened_malloc#configuration">configuration section</a>
 								of hardened_malloc's extensive official documentation.</p>
@ -104,16 +95,11 @@
 				</section>
 				<section id="preload_on_boot">
 						<h2 id="preload_on_boot"><a href="#preload_on_boot">Set System to Preload hardened_malloc on Boot</a></h2>
-												<p>
+								<p><b>musl-based systems:</b> Add
-												<ul>
+								<code>export LD_PRELOAD="<var>&lt;hardened_malloc path&gt;</var>"</code> to
-														<li>musl-based systems: Add
+								<code>/etc/environment</code><br>
-														<code>export LD_PRELOAD="<var>&lt;hardened_malloc path&gt;</var>"</code>
+								<b>glibc-based systems:</b> Add <code><var>&lt;hardened_malloc path&gt;</var></code> to
-														to <code>/etc/environment</code></li>
+								<code>/etc/ld.so.preload</code></p>
 														<li>glibc-based systems:
 														Add <code><var>&lt;hardened_malloc path&gt;</var></code> to
 														<code>/etc/ld.so.preload</code></li>
 												</ul>
 												</p>
 				</section>
 		</body>
 </html>