forked from ~ljy/RK356X_SDK_RELEASE
blame | history | patch | commit | commitdiff
hc
2024-02-20 ea08eeccae9297f7aabd2ef7f0c2517ac4549acc 
 kernel/Documentation/security/self-protection.rst
....@@ -302,11 +302,11 @@
302302 Memory poisoning
303303 ----------------
304304 
305
-When releasing memory, it is best to poison the contents (clear stack on
306
-syscall return, wipe heap memory on a free), to avoid reuse attacks that
307
-rely on the old contents of memory. This frustrates many uninitialized
308
-variable attacks, stack content exposures, heap content exposures, and
309
-use-after-free attacks.
305
+When releasing memory, it is best to poison the contents, to avoid reuse
306
+attacks that rely on the old contents of memory. E.g., clear stack on a
307
+syscall return (``CONFIG_GCC_PLUGIN_STACKLEAK``), wipe heap memory on a
308
+free. This frustrates many uninitialized variable attacks, stack content
309
+exposures, heap content exposures, and use-after-free attacks.
310310 
311311 Destination tracking
312312 --------------------