Add definition of M_MEMTAG_TUNING.
Bug: 191769584
Test: N/A
Merged-In: Ief77f95a04411528563787a9fc6d10738fc5688f
Change-Id: Ief77f95a04411528563787a9fc6d10738fc5688f
(cherry picked from commit d8d561c984)
This commit is contained in:
Evgenii Stepanov
parent
29045b3d7b
commit
a44aa2e138
1 changed files with 41 additions and 2 deletions
|
|
@ -170,7 +170,45 @@ int malloc_info(int __must_be_zero, FILE* __fp) __INTRODUCED_IN(23);
|
|||
* Available since API level 28.
|
||||
*/
|
||||
#define M_PURGE (-101)
|
||||
/*
|
||||
|
||||
|
||||
/**
|
||||
* mallopt() option to tune the allocator's choice of memory tags to
|
||||
* make it more likely that a certain class of memory errors will be
|
||||
* detected. This is only relevant if MTE is enabled in this process
|
||||
* and ignored otherwise. The value argument should be one of the
|
||||
* M_MEMTAG_TUNING_* flags.
|
||||
* NOTE: This is only available in scudo.
|
||||
*
|
||||
* Available since API level 31.
|
||||
*/
|
||||
#define M_MEMTAG_TUNING (-102)
|
||||
|
||||
/**
|
||||
* When passed as a value of M_MEMTAG_TUNING mallopt() call, enables
|
||||
* deterministic detection of linear buffer overflow and underflow
|
||||
* bugs by assigning distinct tag values to adjacent allocations. This
|
||||
* mode has a slightly reduced chance to detect use-after-free bugs
|
||||
* because only half of the possible tag values are available for each
|
||||
* memory location.
|
||||
*
|
||||
* Please keep in mind that MTE can not detect overflow within the
|
||||
* same tag granule (16-byte aligned chunk), and can miss small
|
||||
* overflows even in this mode. Such overflow can not be the cause of
|
||||
* a memory corruption, because the memory within one granule is never
|
||||
* used for multiple allocations.
|
||||
*/
|
||||
#define M_MEMTAG_TUNING_BUFFER_OVERFLOW 0
|
||||
|
||||
/**
|
||||
* When passed as a value of M_MEMTAG_TUNING mallopt() call, enables
|
||||
* independently randomized tags for uniform ~93% probability of
|
||||
* detecting both spatial (buffer overflow) and temporal (use after
|
||||
* free) bugs.
|
||||
*/
|
||||
#define M_MEMTAG_TUNING_UAF 1
|
||||
|
||||
/**
|
||||
* mallopt() option for per-thread memory initialization tuning.
|
||||
* The value argument should be one of:
|
||||
* 1: Disable automatic heap initialization and, where possible, memory tagging,
|
||||
|
|
@ -210,7 +248,7 @@ int malloc_info(int __must_be_zero, FILE* __fp) __INTRODUCED_IN(23);
|
|||
* should not be zero-initialized, any other value indicates to initialize heap
|
||||
* memory to zero.
|
||||
*
|
||||
* Note that this memory mitigations is only implemented in scudo and therefore
|
||||
* Note that this memory mitigation is only implemented in scudo and therefore
|
||||
* this will have no effect when using another allocator (such as jemalloc on
|
||||
* Android Go devices).
|
||||
*
|
||||
|
|
@ -222,6 +260,7 @@ int malloc_info(int __must_be_zero, FILE* __fp) __INTRODUCED_IN(23);
|
|||
* mallopt() option to change the heap tagging state. May be called at any
|
||||
* time, including when multiple threads are running.
|
||||
* The value must be one of the M_HEAP_TAGGING_LEVEL_ constants.
|
||||
* NOTE: This is only available in scudo.
|
||||
*
|
||||
* Available since API level 31.
|
||||
*/
|
||||
|
|
|
|||
Loading…
Reference in a new issue