Add Linux Memory Protection Keys reference link

2024-01-29 20:43:00 +00:00 · 2024-01-29 20:43:00 +00:00 · 975692c23a
commit 975692c23a
parent 2c58ce1908
1 changed files with 8 additions and 7 deletions
--- a/documentation/hardened_malloc.xhtml
+++ b/documentation/hardened_malloc.xhtml
@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <!-- Inferencium - Website - Documentation - hardened_malloc -->
-<!-- Version: 3.0.0-alpha.12 -->
+<!-- Version: 3.0.0-alpha.13 -->
 <!-- Copyright 2023 Jake Winters -->
 <!-- SPDX-License-Identifier: BSD-3-Clause -->
@ -92,12 +92,13 @@
 												</tr>
 										</table>
 										<p>For extra security, <code>CONFIG_SEAL_METADATA=true</code> can be used in
-										order to control whether Memory Protection Keys are used to disable access to
+										order to control whether
-										all writable allocator state outside of the memory allocator code. It's
+										<a href="https://www.kernel.org/doc/html/v6.7/core-api/protection-keys.html">Memory Protection Keys</a>
-										currently disabled by default due to a significant performance cost for this use
+										are used to disable access to all writable allocator state outside of the memory
-										case on current-generation hardware. Whether or not this feature is enabled, the
+										allocator code. It's currently disabled by default due to a significant
-										metadata is all contained within an isolated memory region with high-entropy
+										performance cost for this use case on current-generation hardware. Whether or
-										random guard regions around it.</p>
+										not this feature is enabled, the metadata is all contained within an isolated
 										memory region with high-entropy random guard regions around it.</p>
 										<p>For low-memory systems, <code>VARIANT=light</code> can be used to compile the
 										light variant of hardened_malloc, which sacrifices some security for much less
 										memory usage. This option still produces a more hardened memory allocator than