Struct ma_proper::MAProper

pub struct MAProper;

The MAProper memory allocator

This memory allocator is an extension around std::alloc::System which ensures that the allocated memory is always erased before it is deallocated.

Using MAProper as global allocator

#[global_allocator]
static MA_PROPER: MAProper = MAProper;

fn main() {
	// This `Vec` will allocate memory through `MA_PROPER` above
	let mut v = Vec::new();
	v.push(1);
}

How it works

Allocation

To ensure that we have enough information to erase everything, we allocate slightly more memory than requested and prepend some checksummed metadata to it. So a final chunk looks like this:

Layout: [ metadata | alignment padding | requested memory ]
Length:   META_LEN |      dynamic      |  user specified

Then we increment the pointer so that it points to requested memory and return it.

Deallocation

Once the pointer is to be deallocated, we rewind the pointer so that it points to metadata/length info again to read and verify it. Once we know the length, we overwrite the entire allocated space using one of memset_s/SecureZeroMemory/explicit_bzero/explicit_memset.

Then we deallocate it.

Important

Please note that MAProper only erases memory that is deallocated properly. This especially means that:

• stack items are not overwritten by this allocator – to erase stack memory, we expose MAProper::erase_slice and MAProper::erase_ptr<T> so that you can erase them manually if necessary
• depending on your panic-policy and your Rc/Arc use (retain-cycles), the destructor (and thus the deallocator) may never be called

Trait Implementations

impl GlobalAlloc for MAProper

unsafe fn alloc(&self, layout: Layout) -> *mut u8

Allocate memory as described by the given layout.

unsafe fn dealloc(&self, ptr: *mut u8, layout: Layout)

Deallocate the block of memory at the given ptr pointer with the given layout.

unsafe fn alloc_zeroed(&self, layout: Layout) -> *mut u8

Behaves like alloc, but also ensures that the contents are set to zero before being returned.

unsafe fn realloc(
    &self,
    ptr: *mut u8,
    layout: Layout,
    new_size: usize
) -> *mut u8

Shrink or grow a block of memory to the given new_size. The block is described by the given ptr pointer and layout.