Merge "[GWP-ASan] Integrate GWP-ASan into bionc's malloc() (using hooks)." am: d129786e12
Change-Id: I111c814306fc73e775c111459b8b4bdaae16f5ec
This commit is contained in:
commit
0422a2900c
8 changed files with 399 additions and 28 deletions
|
@ -47,6 +47,9 @@ libc_common_flags = [
|
||||||
// Clang's exit-time destructor registration hides __dso_handle, but
|
// Clang's exit-time destructor registration hides __dso_handle, but
|
||||||
// __dso_handle needs to have default visibility on ARM32. See b/73485611.
|
// __dso_handle needs to have default visibility on ARM32. See b/73485611.
|
||||||
"-Wexit-time-destructors",
|
"-Wexit-time-destructors",
|
||||||
|
|
||||||
|
// GWP-ASan requires platform TLS.
|
||||||
|
"-fno-emulated-tls",
|
||||||
]
|
]
|
||||||
|
|
||||||
// Define some common cflags
|
// Define some common cflags
|
||||||
|
@ -62,6 +65,8 @@ cc_defaults {
|
||||||
"bionic/libc/async_safe/include",
|
"bionic/libc/async_safe/include",
|
||||||
],
|
],
|
||||||
|
|
||||||
|
header_libs: ["gwp_asan_headers"],
|
||||||
|
|
||||||
stl: "none",
|
stl: "none",
|
||||||
system_shared_libs: [],
|
system_shared_libs: [],
|
||||||
sanitize: {
|
sanitize: {
|
||||||
|
@ -111,6 +116,7 @@ cc_defaults {
|
||||||
"libjemalloc5",
|
"libjemalloc5",
|
||||||
"libc_jemalloc_wrapper",
|
"libc_jemalloc_wrapper",
|
||||||
],
|
],
|
||||||
|
header_libs: ["gwp_asan_headers"],
|
||||||
}
|
}
|
||||||
|
|
||||||
// Functions not implemented by jemalloc directly, or that need to
|
// Functions not implemented by jemalloc directly, or that need to
|
||||||
|
@ -1391,6 +1397,7 @@ cc_library_static {
|
||||||
],
|
],
|
||||||
ramdisk_available: false,
|
ramdisk_available: false,
|
||||||
srcs: libc_common_src_files + [
|
srcs: libc_common_src_files + [
|
||||||
|
"bionic/gwp_asan_wrappers.cpp",
|
||||||
"bionic/heap_tagging.cpp",
|
"bionic/heap_tagging.cpp",
|
||||||
"bionic/malloc_common.cpp",
|
"bionic/malloc_common.cpp",
|
||||||
"bionic/malloc_limit.cpp",
|
"bionic/malloc_limit.cpp",
|
||||||
|
@ -1418,6 +1425,7 @@ cc_library_static {
|
||||||
],
|
],
|
||||||
|
|
||||||
whole_static_libs: [
|
whole_static_libs: [
|
||||||
|
"gwp_asan",
|
||||||
"libc_bionic_ndk",
|
"libc_bionic_ndk",
|
||||||
"libc_bootstrap",
|
"libc_bootstrap",
|
||||||
"libc_fortify",
|
"libc_fortify",
|
||||||
|
@ -1597,6 +1605,7 @@ filegroup {
|
||||||
srcs: [
|
srcs: [
|
||||||
"arch-common/bionic/crtbegin_so.c",
|
"arch-common/bionic/crtbegin_so.c",
|
||||||
"arch-common/bionic/crtbrand.S",
|
"arch-common/bionic/crtbrand.S",
|
||||||
|
"bionic/gwp_asan_wrappers.cpp",
|
||||||
"bionic/heap_tagging.cpp",
|
"bionic/heap_tagging.cpp",
|
||||||
"bionic/icu.cpp",
|
"bionic/icu.cpp",
|
||||||
"bionic/malloc_common.cpp",
|
"bionic/malloc_common.cpp",
|
||||||
|
@ -1614,6 +1623,7 @@ filegroup {
|
||||||
filegroup {
|
filegroup {
|
||||||
name: "libc_sources_static",
|
name: "libc_sources_static",
|
||||||
srcs: [
|
srcs: [
|
||||||
|
"bionic/gwp_asan_wrappers.cpp",
|
||||||
"bionic/heap_tagging.cpp",
|
"bionic/heap_tagging.cpp",
|
||||||
"bionic/malloc_common.cpp",
|
"bionic/malloc_common.cpp",
|
||||||
"bionic/malloc_limit.cpp",
|
"bionic/malloc_limit.cpp",
|
||||||
|
@ -1648,6 +1658,7 @@ cc_library {
|
||||||
srcs: [ ":libc_sources_static" ],
|
srcs: [ ":libc_sources_static" ],
|
||||||
cflags: ["-DLIBC_STATIC"],
|
cflags: ["-DLIBC_STATIC"],
|
||||||
whole_static_libs: [
|
whole_static_libs: [
|
||||||
|
"gwp_asan",
|
||||||
"libc_init_static",
|
"libc_init_static",
|
||||||
"libc_common_static",
|
"libc_common_static",
|
||||||
"libc_unwind_static",
|
"libc_unwind_static",
|
||||||
|
@ -1656,6 +1667,7 @@ cc_library {
|
||||||
shared: {
|
shared: {
|
||||||
srcs: [ ":libc_sources_shared" ],
|
srcs: [ ":libc_sources_shared" ],
|
||||||
whole_static_libs: [
|
whole_static_libs: [
|
||||||
|
"gwp_asan",
|
||||||
"libc_init_dynamic",
|
"libc_init_dynamic",
|
||||||
"libc_common_shared",
|
"libc_common_shared",
|
||||||
],
|
],
|
||||||
|
@ -2504,6 +2516,7 @@ cc_library {
|
||||||
cc_defaults {
|
cc_defaults {
|
||||||
name: "libc_scudo_wrapper_defaults",
|
name: "libc_scudo_wrapper_defaults",
|
||||||
srcs: [
|
srcs: [
|
||||||
|
"bionic/gwp_asan_wrappers.cpp",
|
||||||
"bionic/heap_tagging.cpp",
|
"bionic/heap_tagging.cpp",
|
||||||
"bionic/malloc_common.cpp",
|
"bionic/malloc_common.cpp",
|
||||||
"bionic/malloc_common_dynamic.cpp",
|
"bionic/malloc_common_dynamic.cpp",
|
||||||
|
@ -2512,12 +2525,21 @@ cc_defaults {
|
||||||
"bionic/scudo_wrapper.cpp",
|
"bionic/scudo_wrapper.cpp",
|
||||||
"bionic/__set_errno.cpp",
|
"bionic/__set_errno.cpp",
|
||||||
],
|
],
|
||||||
cflags: ["-DUSE_SCUDO"],
|
cflags: [
|
||||||
|
"-DUSE_SCUDO",
|
||||||
|
"-fno-emulated-tls", // Required for GWP-ASan.
|
||||||
|
],
|
||||||
shared_libs: ["libscudo_wrapper"],
|
shared_libs: ["libscudo_wrapper"],
|
||||||
|
|
||||||
header_libs: ["libc_headers"],
|
header_libs: [
|
||||||
|
"libc_headers",
|
||||||
|
"gwp_asan_headers",
|
||||||
|
],
|
||||||
|
|
||||||
static_libs: ["libasync_safe"],
|
static_libs: [
|
||||||
|
"libasync_safe",
|
||||||
|
"gwp_asan",
|
||||||
|
],
|
||||||
|
|
||||||
arch: {
|
arch: {
|
||||||
arm: {
|
arm: {
|
||||||
|
|
263
libc/bionic/gwp_asan_wrappers.cpp
Normal file
263
libc/bionic/gwp_asan_wrappers.cpp
Normal file
|
@ -0,0 +1,263 @@
|
||||||
|
/*
|
||||||
|
* Copyright (C) 2020 The Android Open Source Project
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* * Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* * Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||||
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||||
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
||||||
|
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||||
|
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||||
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
||||||
|
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
|
||||||
|
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
|
||||||
|
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
||||||
|
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
||||||
|
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <platform/bionic/malloc.h>
|
||||||
|
#include <private/bionic_malloc_dispatch.h>
|
||||||
|
#include <stddef.h>
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
|
||||||
|
#include "bionic/gwp_asan_wrappers.h"
|
||||||
|
#include "gwp_asan/guarded_pool_allocator.h"
|
||||||
|
#include "gwp_asan/options.h"
|
||||||
|
#include "gwp_asan/random.h"
|
||||||
|
#include "malloc_common.h"
|
||||||
|
|
||||||
|
#ifndef LIBC_STATIC
|
||||||
|
#include "bionic/malloc_common_dynamic.h"
|
||||||
|
#endif // LIBC_STATIC
|
||||||
|
|
||||||
|
static gwp_asan::GuardedPoolAllocator GuardedAlloc;
|
||||||
|
static const MallocDispatch* prev_dispatch;
|
||||||
|
|
||||||
|
using Options = gwp_asan::options::Options;
|
||||||
|
|
||||||
|
// ============================================================================
|
||||||
|
// Implementation of gFunctions.
|
||||||
|
// ============================================================================
|
||||||
|
|
||||||
|
// This function handles initialisation as asked for by MallocInitImpl. This
|
||||||
|
// should always be called in a single-threaded context.
|
||||||
|
bool gwp_asan_initialize(const MallocDispatch* dispatch, bool*, const char*) {
|
||||||
|
prev_dispatch = dispatch;
|
||||||
|
|
||||||
|
Options Opts;
|
||||||
|
Opts.Enabled = true;
|
||||||
|
Opts.MaxSimultaneousAllocations = 32;
|
||||||
|
Opts.SampleRate = 2500;
|
||||||
|
Opts.InstallSignalHandlers = false;
|
||||||
|
Opts.InstallForkHandlers = true;
|
||||||
|
|
||||||
|
GuardedAlloc.init(Opts);
|
||||||
|
info_log("GWP-ASan has been enabled.");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
void gwp_asan_finalize() {
|
||||||
|
}
|
||||||
|
|
||||||
|
void gwp_asan_get_malloc_leak_info(uint8_t**, size_t*, size_t*, size_t*, size_t*) {
|
||||||
|
}
|
||||||
|
|
||||||
|
void gwp_asan_free_malloc_leak_info(uint8_t*) {
|
||||||
|
}
|
||||||
|
|
||||||
|
ssize_t gwp_asan_malloc_backtrace(void*, uintptr_t*, size_t) {
|
||||||
|
// TODO(mitchp): GWP-ASan might be able to return the backtrace for the
|
||||||
|
// provided address.
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool gwp_asan_write_malloc_leak_info(FILE*) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
void* gwp_asan_gfunctions[] = {
|
||||||
|
(void*)gwp_asan_initialize, (void*)gwp_asan_finalize,
|
||||||
|
(void*)gwp_asan_get_malloc_leak_info, (void*)gwp_asan_free_malloc_leak_info,
|
||||||
|
(void*)gwp_asan_malloc_backtrace, (void*)gwp_asan_write_malloc_leak_info,
|
||||||
|
};
|
||||||
|
|
||||||
|
// ============================================================================
|
||||||
|
// Implementation of GWP-ASan malloc wrappers.
|
||||||
|
// ============================================================================
|
||||||
|
|
||||||
|
void* gwp_asan_calloc(size_t n_elements, size_t elem_size) {
|
||||||
|
if (__predict_false(GuardedAlloc.shouldSample())) {
|
||||||
|
size_t bytes;
|
||||||
|
if (!__builtin_mul_overflow(n_elements, elem_size, &bytes)) {
|
||||||
|
if (void* result = GuardedAlloc.allocate(bytes)) {
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return prev_dispatch->calloc(n_elements, elem_size);
|
||||||
|
}
|
||||||
|
|
||||||
|
void gwp_asan_free(void* mem) {
|
||||||
|
if (__predict_false(GuardedAlloc.pointerIsMine(mem))) {
|
||||||
|
GuardedAlloc.deallocate(mem);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
prev_dispatch->free(mem);
|
||||||
|
}
|
||||||
|
|
||||||
|
void* gwp_asan_malloc(size_t bytes) {
|
||||||
|
if (__predict_false(GuardedAlloc.shouldSample())) {
|
||||||
|
if (void* result = GuardedAlloc.allocate(bytes)) {
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return prev_dispatch->malloc(bytes);
|
||||||
|
}
|
||||||
|
|
||||||
|
size_t gwp_asan_malloc_usable_size(const void* mem) {
|
||||||
|
if (__predict_false(GuardedAlloc.pointerIsMine(mem))) {
|
||||||
|
return GuardedAlloc.getSize(mem);
|
||||||
|
}
|
||||||
|
return prev_dispatch->malloc_usable_size(mem);
|
||||||
|
}
|
||||||
|
|
||||||
|
void* gwp_asan_realloc(void* old_mem, size_t bytes) {
|
||||||
|
if (__predict_false(GuardedAlloc.pointerIsMine(old_mem))) {
|
||||||
|
size_t old_size = GuardedAlloc.getSize(old_mem);
|
||||||
|
void* new_ptr = gwp_asan_malloc(bytes);
|
||||||
|
if (new_ptr) memcpy(new_ptr, old_mem, (bytes < old_size) ? bytes : old_size);
|
||||||
|
GuardedAlloc.deallocate(old_mem);
|
||||||
|
return new_ptr;
|
||||||
|
}
|
||||||
|
return prev_dispatch->realloc(old_mem, bytes);
|
||||||
|
}
|
||||||
|
|
||||||
|
int gwp_asan_malloc_iterate(uintptr_t base, size_t size,
|
||||||
|
void (*callback)(uintptr_t base, size_t size, void* arg), void* arg) {
|
||||||
|
if (__predict_false(GuardedAlloc.pointerIsMine(reinterpret_cast<void*>(base)))) {
|
||||||
|
// TODO(mitchp): GPA::iterate() returns void, but should return int.
|
||||||
|
// TODO(mitchp): GPA::iterate() should take uintptr_t, not void*.
|
||||||
|
GuardedAlloc.iterate(reinterpret_cast<void*>(base), size, callback, arg);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
return prev_dispatch->malloc_iterate(base, size, callback, arg);
|
||||||
|
}
|
||||||
|
|
||||||
|
void gwp_asan_malloc_disable() {
|
||||||
|
GuardedAlloc.disable();
|
||||||
|
prev_dispatch->malloc_disable();
|
||||||
|
}
|
||||||
|
|
||||||
|
void gwp_asan_malloc_enable() {
|
||||||
|
GuardedAlloc.enable();
|
||||||
|
prev_dispatch->malloc_enable();
|
||||||
|
}
|
||||||
|
|
||||||
|
static const MallocDispatch gwp_asan_dispatch __attribute__((unused)) = {
|
||||||
|
gwp_asan_calloc,
|
||||||
|
gwp_asan_free,
|
||||||
|
Malloc(mallinfo),
|
||||||
|
gwp_asan_malloc,
|
||||||
|
gwp_asan_malloc_usable_size,
|
||||||
|
Malloc(memalign),
|
||||||
|
Malloc(posix_memalign),
|
||||||
|
#if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
|
||||||
|
Malloc(pvalloc),
|
||||||
|
#endif
|
||||||
|
gwp_asan_realloc,
|
||||||
|
#if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
|
||||||
|
Malloc(valloc),
|
||||||
|
#endif
|
||||||
|
gwp_asan_malloc_iterate,
|
||||||
|
gwp_asan_malloc_disable,
|
||||||
|
gwp_asan_malloc_enable,
|
||||||
|
Malloc(mallopt),
|
||||||
|
Malloc(aligned_alloc),
|
||||||
|
Malloc(malloc_info),
|
||||||
|
};
|
||||||
|
|
||||||
|
// TODO(mitchp): Turn on GWP-ASan here probabilistically.
|
||||||
|
bool ShouldGwpAsanSampleProcess() {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool MaybeInitGwpAsanFromLibc() {
|
||||||
|
// Never initialize the Zygote here. A Zygote chosen for sampling would also
|
||||||
|
// have all of its children sampled. Instead, the Zygote child will choose
|
||||||
|
// whether it samples or not just after the Zygote forks. For
|
||||||
|
// libc_scudo-preloaded executables (like mediaswcodec), the program name
|
||||||
|
// might not be available yet. The zygote never uses dynamic libc_scudo.
|
||||||
|
const char* progname = getprogname();
|
||||||
|
if (progname && strncmp(progname, "app_process", 11) == 0) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return MaybeInitGwpAsan(false);
|
||||||
|
}
|
||||||
|
|
||||||
|
static bool GwpAsanInitialized = false;
|
||||||
|
|
||||||
|
// Maybe initializes GWP-ASan. Called by android_mallopt() and libc's
|
||||||
|
// initialisation. This should always be called in a single-threaded context.
|
||||||
|
bool MaybeInitGwpAsan(bool force_init) {
|
||||||
|
if (GwpAsanInitialized) {
|
||||||
|
error_log("GWP-ASan was already initialized for this process.");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// If the caller hasn't forced GWP-ASan on, check whether we should sample
|
||||||
|
// this process.
|
||||||
|
if (!force_init && !ShouldGwpAsanSampleProcess()) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// GWP-ASan is compatible with heapprofd/malloc_debug/malloc_hooks iff
|
||||||
|
// GWP-ASan was installed first. If one of these other libraries was already
|
||||||
|
// installed, we don't enable GWP-ASan. These libraries are normally enabled
|
||||||
|
// in libc_init after GWP-ASan, but if the new process is a zygote child and
|
||||||
|
// trying to initialize GWP-ASan through mallopt(), one of these libraries may
|
||||||
|
// be installed. It may be possible to change this in future by modifying the
|
||||||
|
// internal dispatch pointers of these libraries at this point in time, but
|
||||||
|
// given that they're all debug-only, we don't really mind for now.
|
||||||
|
if (GetDefaultDispatchTable() != nullptr) {
|
||||||
|
// Something else is installed.
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// GWP-ASan's initialization is always called in a single-threaded context, so
|
||||||
|
// we can initialize lock-free.
|
||||||
|
__libc_globals.mutate([](libc_globals* globals) {
|
||||||
|
// Set GWP-ASan as the malloc dispatch table.
|
||||||
|
globals->malloc_dispatch_table = gwp_asan_dispatch;
|
||||||
|
atomic_store(&globals->default_dispatch_table, &gwp_asan_dispatch);
|
||||||
|
|
||||||
|
// If malloc_limit isn't installed, we can skip the default_dispatch_table
|
||||||
|
// lookup.
|
||||||
|
if (GetDispatchTable() == nullptr) {
|
||||||
|
atomic_store(&globals->current_dispatch_table, &gwp_asan_dispatch);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
#ifndef LIBC_STATIC
|
||||||
|
SetGlobalFunctions(gwp_asan_gfunctions);
|
||||||
|
#endif // LIBC_STATIC
|
||||||
|
|
||||||
|
GwpAsanInitialized = true;
|
||||||
|
|
||||||
|
gwp_asan_initialize(NativeAllocatorDispatch(), nullptr, nullptr);
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
38
libc/bionic/gwp_asan_wrappers.h
Normal file
38
libc/bionic/gwp_asan_wrappers.h
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
/*
|
||||||
|
* Copyright (C) 2020 The Android Open Source Project
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* * Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* * Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||||
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||||
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
||||||
|
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||||
|
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||||
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
||||||
|
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
|
||||||
|
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
|
||||||
|
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
||||||
|
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
||||||
|
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
#include <stddef.h>
|
||||||
|
#include <private/bionic_malloc_dispatch.h>
|
||||||
|
|
||||||
|
// Hooks for libc to possibly install GWP-ASan.
|
||||||
|
bool MaybeInitGwpAsanFromLibc();
|
||||||
|
|
||||||
|
// Maybe initialize GWP-ASan. Set force_init to true to bypass process sampling.
|
||||||
|
bool MaybeInitGwpAsan(bool force_init = false);
|
|
@ -41,6 +41,7 @@
|
||||||
#include <private/bionic_config.h>
|
#include <private/bionic_config.h>
|
||||||
#include <platform/bionic/malloc.h>
|
#include <platform/bionic/malloc.h>
|
||||||
|
|
||||||
|
#include "gwp_asan_wrappers.h"
|
||||||
#include "heap_tagging.h"
|
#include "heap_tagging.h"
|
||||||
#include "malloc_common.h"
|
#include "malloc_common.h"
|
||||||
#include "malloc_limit.h"
|
#include "malloc_limit.h"
|
||||||
|
@ -316,8 +317,42 @@ extern "C" bool android_mallopt(int opcode, void* arg, size_t arg_size) {
|
||||||
if (opcode == M_SET_HEAP_TAGGING_LEVEL) {
|
if (opcode == M_SET_HEAP_TAGGING_LEVEL) {
|
||||||
return SetHeapTaggingLevel(arg, arg_size);
|
return SetHeapTaggingLevel(arg, arg_size);
|
||||||
}
|
}
|
||||||
|
if (opcode == M_INITIALIZE_GWP_ASAN) {
|
||||||
|
if (arg == nullptr || arg_size != sizeof(bool)) {
|
||||||
|
errno = EINVAL;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return MaybeInitGwpAsan(*reinterpret_cast<bool*>(arg));
|
||||||
|
}
|
||||||
errno = ENOTSUP;
|
errno = ENOTSUP;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
// =============================================================================
|
// =============================================================================
|
||||||
|
|
||||||
|
static constexpr MallocDispatch __libc_malloc_default_dispatch __attribute__((unused)) = {
|
||||||
|
Malloc(calloc),
|
||||||
|
Malloc(free),
|
||||||
|
Malloc(mallinfo),
|
||||||
|
Malloc(malloc),
|
||||||
|
Malloc(malloc_usable_size),
|
||||||
|
Malloc(memalign),
|
||||||
|
Malloc(posix_memalign),
|
||||||
|
#if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
|
||||||
|
Malloc(pvalloc),
|
||||||
|
#endif
|
||||||
|
Malloc(realloc),
|
||||||
|
#if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
|
||||||
|
Malloc(valloc),
|
||||||
|
#endif
|
||||||
|
Malloc(malloc_iterate),
|
||||||
|
Malloc(malloc_disable),
|
||||||
|
Malloc(malloc_enable),
|
||||||
|
Malloc(mallopt),
|
||||||
|
Malloc(aligned_alloc),
|
||||||
|
Malloc(malloc_info),
|
||||||
|
};
|
||||||
|
|
||||||
|
const MallocDispatch* NativeAllocatorDispatch() {
|
||||||
|
return &__libc_malloc_default_dispatch;
|
||||||
|
}
|
||||||
|
|
|
@ -74,6 +74,8 @@ __END_DECLS
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
const MallocDispatch* NativeAllocatorDispatch();
|
||||||
|
|
||||||
static inline const MallocDispatch* GetDispatchTable() {
|
static inline const MallocDispatch* GetDispatchTable() {
|
||||||
return atomic_load_explicit(&__libc_globals->current_dispatch_table, memory_order_acquire);
|
return atomic_load_explicit(&__libc_globals->current_dispatch_table, memory_order_acquire);
|
||||||
}
|
}
|
||||||
|
|
|
@ -64,6 +64,7 @@
|
||||||
|
|
||||||
#include <sys/system_properties.h>
|
#include <sys/system_properties.h>
|
||||||
|
|
||||||
|
#include "gwp_asan_wrappers.h"
|
||||||
#include "heap_tagging.h"
|
#include "heap_tagging.h"
|
||||||
#include "malloc_common.h"
|
#include "malloc_common.h"
|
||||||
#include "malloc_common_dynamic.h"
|
#include "malloc_common_dynamic.h"
|
||||||
|
@ -90,30 +91,6 @@ static _Atomic bool gZygoteChildProfileable = false;
|
||||||
|
|
||||||
// =============================================================================
|
// =============================================================================
|
||||||
|
|
||||||
static constexpr MallocDispatch __libc_malloc_default_dispatch
|
|
||||||
__attribute__((unused)) = {
|
|
||||||
Malloc(calloc),
|
|
||||||
Malloc(free),
|
|
||||||
Malloc(mallinfo),
|
|
||||||
Malloc(malloc),
|
|
||||||
Malloc(malloc_usable_size),
|
|
||||||
Malloc(memalign),
|
|
||||||
Malloc(posix_memalign),
|
|
||||||
#if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
|
|
||||||
Malloc(pvalloc),
|
|
||||||
#endif
|
|
||||||
Malloc(realloc),
|
|
||||||
#if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
|
|
||||||
Malloc(valloc),
|
|
||||||
#endif
|
|
||||||
Malloc(malloc_iterate),
|
|
||||||
Malloc(malloc_disable),
|
|
||||||
Malloc(malloc_enable),
|
|
||||||
Malloc(mallopt),
|
|
||||||
Malloc(aligned_alloc),
|
|
||||||
Malloc(malloc_info),
|
|
||||||
};
|
|
||||||
|
|
||||||
static constexpr char kHooksSharedLib[] = "libc_malloc_hooks.so";
|
static constexpr char kHooksSharedLib[] = "libc_malloc_hooks.so";
|
||||||
static constexpr char kHooksPrefix[] = "hooks";
|
static constexpr char kHooksPrefix[] = "hooks";
|
||||||
static constexpr char kHooksPropertyEnable[] = "libc.debug.hooks.enable";
|
static constexpr char kHooksPropertyEnable[] = "libc.debug.hooks.enable";
|
||||||
|
@ -261,6 +238,12 @@ static bool CheckLoadMallocDebug(char** options) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void SetGlobalFunctions(void* functions[]) {
|
||||||
|
for (size_t i = 0; i < FUNC_LAST; i++) {
|
||||||
|
gFunctions[i] = functions[i];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
static void ClearGlobalFunctions() {
|
static void ClearGlobalFunctions() {
|
||||||
for (size_t i = 0; i < FUNC_LAST; i++) {
|
for (size_t i = 0; i < FUNC_LAST; i++) {
|
||||||
gFunctions[i] = nullptr;
|
gFunctions[i] = nullptr;
|
||||||
|
@ -344,7 +327,15 @@ void* LoadSharedLibrary(const char* shared_lib, const char* prefix, MallocDispat
|
||||||
|
|
||||||
bool FinishInstallHooks(libc_globals* globals, const char* options, const char* prefix) {
|
bool FinishInstallHooks(libc_globals* globals, const char* options, const char* prefix) {
|
||||||
init_func_t init_func = reinterpret_cast<init_func_t>(gFunctions[FUNC_INITIALIZE]);
|
init_func_t init_func = reinterpret_cast<init_func_t>(gFunctions[FUNC_INITIALIZE]);
|
||||||
if (!init_func(&__libc_malloc_default_dispatch, &gZygoteChild, options)) {
|
|
||||||
|
// If GWP-ASan was initialised, we should use it as the dispatch table for
|
||||||
|
// heapprofd/malloc_debug/malloc_debug.
|
||||||
|
const MallocDispatch* prev_dispatch = GetDefaultDispatchTable();
|
||||||
|
if (prev_dispatch == nullptr) {
|
||||||
|
prev_dispatch = NativeAllocatorDispatch();
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!init_func(prev_dispatch, &gZygoteChild, options)) {
|
||||||
error_log("%s: failed to enable malloc %s", getprogname(), prefix);
|
error_log("%s: failed to enable malloc %s", getprogname(), prefix);
|
||||||
ClearGlobalFunctions();
|
ClearGlobalFunctions();
|
||||||
return false;
|
return false;
|
||||||
|
@ -388,6 +379,8 @@ static void MallocInitImpl(libc_globals* globals) {
|
||||||
char prop[PROP_VALUE_MAX];
|
char prop[PROP_VALUE_MAX];
|
||||||
char* options = prop;
|
char* options = prop;
|
||||||
|
|
||||||
|
MaybeInitGwpAsanFromLibc();
|
||||||
|
|
||||||
// Prefer malloc debug since it existed first and is a more complete
|
// Prefer malloc debug since it existed first and is a more complete
|
||||||
// malloc interceptor than the hooks.
|
// malloc interceptor than the hooks.
|
||||||
bool hook_installed = false;
|
bool hook_installed = false;
|
||||||
|
@ -531,6 +524,13 @@ extern "C" bool android_mallopt(int opcode, void* arg, size_t arg_size) {
|
||||||
if (opcode == M_SET_HEAP_TAGGING_LEVEL) {
|
if (opcode == M_SET_HEAP_TAGGING_LEVEL) {
|
||||||
return SetHeapTaggingLevel(arg, arg_size);
|
return SetHeapTaggingLevel(arg, arg_size);
|
||||||
}
|
}
|
||||||
|
if (opcode == M_INITIALIZE_GWP_ASAN) {
|
||||||
|
if (arg == nullptr || arg_size != sizeof(bool)) {
|
||||||
|
errno = EINVAL;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return MaybeInitGwpAsan(*reinterpret_cast<bool*>(arg));
|
||||||
|
}
|
||||||
// Try heapprofd's mallopt, as it handles options not covered here.
|
// Try heapprofd's mallopt, as it handles options not covered here.
|
||||||
return HeapprofdMallopt(opcode, arg, arg_size);
|
return HeapprofdMallopt(opcode, arg, arg_size);
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,3 +45,6 @@ bool FinishInstallHooks(libc_globals* globals, const char* options, const char*
|
||||||
// Lock for globals, to guarantee that only one thread is doing a mutate.
|
// Lock for globals, to guarantee that only one thread is doing a mutate.
|
||||||
extern pthread_mutex_t gGlobalsMutateLock;
|
extern pthread_mutex_t gGlobalsMutateLock;
|
||||||
extern _Atomic bool gGlobalsMutating;
|
extern _Atomic bool gGlobalsMutating;
|
||||||
|
|
||||||
|
// Function hooks instantiations, used by dispatch-table allocators to install themselves.
|
||||||
|
void SetGlobalFunctions(void* functions[]);
|
||||||
|
|
|
@ -97,6 +97,14 @@ enum {
|
||||||
// arg_size = sizeof(bool)
|
// arg_size = sizeof(bool)
|
||||||
M_GET_PROCESS_PROFILEABLE = 9,
|
M_GET_PROCESS_PROFILEABLE = 9,
|
||||||
#define M_GET_PROCESS_PROFILEABLE M_GET_PROCESS_PROFILEABLE
|
#define M_GET_PROCESS_PROFILEABLE M_GET_PROCESS_PROFILEABLE
|
||||||
|
// Maybe enable GWP-ASan. Set *arg to force GWP-ASan to be turned on,
|
||||||
|
// otherwise this mallopt() will internally decide whether to sample the
|
||||||
|
// process. The program must be single threaded at the point when the
|
||||||
|
// android_mallopt function is called.
|
||||||
|
// arg = bool*
|
||||||
|
// arg_size = sizeof(bool)
|
||||||
|
M_INITIALIZE_GWP_ASAN = 10,
|
||||||
|
#define M_INITIALIZE_GWP_ASAN M_INITIALIZE_GWP_ASAN
|
||||||
};
|
};
|
||||||
|
|
||||||
enum HeapTaggingLevel {
|
enum HeapTaggingLevel {
|
||||||
|
|
Loading…
Reference in a new issue