From 075406dfd507b2b46a0be585e688d32fdbb44d49 Mon Sep 17 00:00:00 2001
From: desolate <...>
Date: Tue, 23 Jun 2026 10:07:15 +0300
Subject: [PATCH] add hardened_malloc package template

---
 templates/hardened_malloc/INSTALL.msg | 32 +++++++++++++++++++++++++++
 templates/hardened_malloc/template    | 25 +++++++++++++++++++++
 2 files changed, 57 insertions(+)
 create mode 100644 templates/hardened_malloc/INSTALL.msg
 create mode 100644 templates/hardened_malloc/template

diff --git a/templates/hardened_malloc/INSTALL.msg b/templates/hardened_malloc/INSTALL.msg
new file mode 100644
index 0000000..860a9e5
--- /dev/null
+++ b/templates/hardened_malloc/INSTALL.msg
@@ -0,0 +1,32 @@
+
+The shared library will be installed at:
+
+	/usr/lib/libhardened_malloc.so
+	/usr/lib/libhardened_malloc-light.so
+
+It's will NOT become active on its own. To enable it system-wide, you must preload it.
+
+1. Test it first! Make sure a normal binary still runs:
+
+		LD_PRELOAD=/usr/lib/libhardened_malloc.so /bin/true && echo OK
+		LD_PRELOAD=/usr/lib/libhardened_malloc-light.so /bin/true && echo OK
+
+	If that prints OK, the library loads cleanly on this system.
+
+2. Enable system-wide by adding this single line to /etc/ld.so.preload
+	(create if file doesn't exist):
+
+		/usr/lib/libhardened_malloc.so
+
+		for light variant:
+		/usr/lib/libhardened_malloc-light.so
+
+	Per-process alternative (safer to trial): just export LD_PRELOAD as above
+	for the programs you want, instead of editing ld.so.preload.
+
+################ WARNING ################
+
+/etc/ld.so.preload is loaded by EVERY dynamically-linked program.
+If provided .so files are ever missing or broken while listed there, essential
+tools (your shell, sudo , xbps) may fail to start and you can lock
+yourself out of a running system.
diff --git a/templates/hardened_malloc/template b/templates/hardened_malloc/template
new file mode 100644
index 0000000..2c8c8d6
--- /dev/null
+++ b/templates/hardened_malloc/template
@@ -0,0 +1,25 @@
+# Template file for 'hardened_malloc'
+pkgname=hardened_malloc
+version=14
+revision=1
+build_style=gnu-makefile
+short_desc="Hardened memory allocator from GrapheneOS"
+maintainer="desolate.land"
+license="MIT"
+homepage="https://github.com/GrapheneOS/hardened_malloc"
+distfiles="https://github.com/GrapheneOS/hardened_malloc/archive/refs/tags/${version}.tar.gz"
+checksum=4cd95ff3b83c433ebc6269d0778d79eb3480b7d5bc873503e1cc3768546bdbec
+
+do_build()
+{
+	make ${makejobs} VARIANT=default
+	make ${makejobs} VARIANT=light
+}
+
+do_install()
+{
+	vinstall out/libhardened_malloc.so 755 usr/lib
+	vinstall out-light/libhardened_malloc-light.so 755 usr/lib
+
+	vlicense LICENSE
+}