From 42b097f3b04bd791c9d525ee332e44fdb5faec4c Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Thu, 13 Jan 2022 14:25:41 -0500 Subject: [PATCH] CONFIG_SEAL_METADATA is regularly tested now --- README.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index cf477c8..3a0514f 100644 --- a/README.md +++ b/README.md @@ -267,11 +267,10 @@ The following boolean configuration options are available: * `CONFIG_SEAL_METADATA`: `true` or `false` (default) to control whether Memory Protection Keys are used to disable access to all writable allocator state outside of the memory allocator code. It's currently disabled by default due - to lack of regular testing and a significant performance cost for this use - case on current generation hardware, which may become drastically lower in - the future. Whether or not this feature is enabled, the metadata is all - contained within an isolated memory region with high entropy random guard - regions around it. + to a significant performance cost for this use case on current generation + hardware, which may become drastically lower in the future. Whether or not + this feature is enabled, the metadata is all contained within an isolated + memory region with high entropy random guard regions around it. The following integer configuration options are available: