tequilaOS/platform_bionic

Fork 0

Commit graph

Author	SHA1	Message	Date
Peter Collingbourne	b6a592b25b	Make fork equivalent to vfork when HWASan or MTE stack tagging is enabled. Bug: 274056091 Change-Id: Iac029ca6b0e26f57f20c0a54822b75e3cae67344	2023-05-08 15:26:00 -07:00
Evgenii Stepanov	3031a7e45e	memtag_stack: vfork and longjmp support. With memtag_stack, each function is responsible for cleaning up allocation tags for its stack frame. Allocation tags for anything below SP must match the address tag in SP. Both vfork and longjmp implement non-local control transfer which abandons part of the stack without proper cleanup. Update allocation tags: * For longjmp, we know both source and destination values of SP. * For vfork, save the value of SP before exit() or exec() - the only valid ways of ending the child process according to POSIX - and reset tags from there to SP-in-parent. This is not 100% solid and can be confused by a number of hopefully uncommon conditions: Segmented stacks. * Longjmp from sigaltstack into the main stack. * Some kind of userspace thread implementation using longjmp (that's UB, longjmp can only return to the caller on the current stack). * and other strange things. This change adds a sanity limit on the size of the tag cleanup. Also, this logic is only activated in the binaries that carry the NT_MEMTAG_STACK note (set by -fsanitize=memtag-stack) which is meant as a debugging configuration, is not compatible with pre-armv9 CPUs, and should not be set on production code. Bug: b/174878242 Test: fvp_mini with ToT LLVM (more test in a separate change) Change-Id: Ibef8b2fc5a6ce85c8e562dead1019964d9f6b80b	2022-05-27 13:19:34 -07:00
Victor Khimenko	8e0707d82c	Move exit.c from stdlib to bionic subdirectory. Test: make Change-Id: I2182d5a7c97abc0335e88d2d9dd9f77bc7e7f633	2020-06-10 16:38:05 +02:00

Author

SHA1

Message

Date

Peter Collingbourne

b6a592b25b

Make fork equivalent to vfork when HWASan or MTE stack tagging is enabled.

Bug: 274056091
Change-Id: Iac029ca6b0e26f57f20c0a54822b75e3cae67344

2023-05-08 15:26:00 -07:00

Evgenii Stepanov

3031a7e45e

memtag_stack: vfork and longjmp support.

With memtag_stack, each function is responsible for cleaning up
allocation tags for its stack frame. Allocation tags for anything below
SP must match the address tag in SP.

Both vfork and longjmp implement non-local control transfer which
abandons part of the stack without proper cleanup. Update allocation
tags:
* For longjmp, we know both source and destination values of SP.
* For vfork, save the value of SP before exit() or exec*() - the only
  valid ways of ending the child process according to POSIX - and reset
  tags from there to SP-in-parent.

This is not 100% solid and can be confused by a number of hopefully
uncommon conditions:
* Segmented stacks.
* Longjmp from sigaltstack into the main stack.
* Some kind of userspace thread implementation using longjmp (that's UB,
  longjmp can only return to the caller on the current stack).
* and other strange things.

This change adds a sanity limit on the size of the tag cleanup. Also,
this logic is only activated in the binaries that carry the
NT_MEMTAG_STACK note (set by -fsanitize=memtag-stack) which is meant as
a debugging configuration, is not compatible with pre-armv9 CPUs, and
should not be set on production code.

Bug: b/174878242
Test: fvp_mini with ToT LLVM (more test in a separate change)

Change-Id: Ibef8b2fc5a6ce85c8e562dead1019964d9f6b80b

2022-05-27 13:19:34 -07:00

Victor Khimenko

8e0707d82c

Move exit.c from stdlib to bionic subdirectory.

Test: make

Change-Id: I2182d5a7c97abc0335e88d2d9dd9f77bc7e7f633

2020-06-10 16:38:05 +02:00

3 commits