How to enable caprevoke in cheribsd?

[zintown]

In the #382 commit message, it appears that cheribsd is enabled by default for captrevoke, but after compiling with the option "-mabi=l64pc128d -mno-relax -fuse-ld=lld -march=rv64gcxcheri -cheri-bounds=very-aggressive", the test program run normally without segment fault, there seems no defense against the use after free vulnerability.
Do I need to add additional compilation options or cheribuild.py option

./cheribuild.py run-riscv64-purecap  --snmalloc/revoke --dlmalloc/revoke --mrs/revoke-on-free

#include <iostream>
int main{

  int *i = new int;
  *i = 10;
  std::cout << *i << std::endl;
  delete int;
  std::cout << *i << std::endl;
}

[jrtc27]

Revocation is a batched operation, with multiple freed allocations held in quarantine until such time as userspace decides to request that the kernel sweep all of memory to revoke capabilities to all freed allocations. If you wish to force revocation, call malloc_revoke(), but this is a costly operation. Note that this does not mean there is "no defence against the use after free vulnerability"; by quarantining allocations that have been freed but not yet revoked, we guarantee that the allocation will not be repurposed until a revocation has been performed, i.e. it behaves as if the free is deferred until a later point in time.

--snmalloc/revoke --dlmalloc/revoke --mrs/revoke-on-free

These aren't doing anything for the targets you're running.

[rwatson]

NB: We recently delivered a tutorial at the DSbD All Hands Meeting that included some information on temporal safety:

https://www.cheribsd.org/tutorial/23.11/cover/index.html

Note that updates are still in progress for the Getting Started Guide for CheriBSD 23.11, and will include more information on configuring and using temporal safety features.