4cded9729b
These two options allow for ARM MTE to be enabled dynamically (instead
of at compile time via the ELF note). They are settable from a non-root
shell to allow device owners to test system binaries with MTE.
The following values may be set:
1. 'off' -> No MTE, uses TBI on compatible devices.
2. 'sync' -> SYNC MTE.
3. 'async' -> ASYNC MTE.
The following methods can be used to launch a process (sanitizer-status)
with configurable values:
1. adb shell MEMTAG_OPTIONS=async sanitizer-status
2. adb shell setprop arm64.memtag.process.sanitizer-status async && \
adb shell sanitizer-status
Note: The system server will require some special handing in the zygote
pre-fork to check the sysprops. The zygote should always have the ELF
note. TODO in a subsequent patch.
Bug: 135772972
Bug: 172365548
Test: Launching sanitizer-status above using both the settings.
Change-Id: Ic1dbf3985a3f23521ec86725ec482c8f6739c182
71 lines
2.4 KiB
C++
71 lines
2.4 KiB
C++
/*
|
|
* Copyright (C) 2020 The Android Open Source Project
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* * Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* * Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in
|
|
* the documentation and/or other materials provided with the
|
|
* distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
|
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
|
|
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
|
|
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
|
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#include <sys/auxv.h>
|
|
#include <sys/prctl.h>
|
|
|
|
// Note: Most PR_MTE_* constants come from the upstream kernel. This tag mask
|
|
// allows for the hardware to provision any nonzero tag. Zero tags are reserved
|
|
// for scudo to use for the chunk headers in order to prevent linear heap
|
|
// overflow/underflow.
|
|
#define PR_MTE_TAG_SET_NONZERO (0xfffeUL << PR_MTE_TAG_SHIFT)
|
|
|
|
inline bool mte_supported() {
|
|
#if defined(__aarch64__)
|
|
static bool supported = getauxval(AT_HWCAP2) & HWCAP2_MTE;
|
|
#else
|
|
static bool supported = false;
|
|
#endif
|
|
return supported;
|
|
}
|
|
|
|
#ifdef __aarch64__
|
|
class ScopedDisableMTE {
|
|
size_t prev_tco_;
|
|
|
|
public:
|
|
ScopedDisableMTE() {
|
|
if (mte_supported()) {
|
|
__asm__ __volatile__(".arch_extension mte; mrs %0, tco; msr tco, #1" : "=r"(prev_tco_));
|
|
}
|
|
}
|
|
|
|
~ScopedDisableMTE() {
|
|
if (mte_supported()) {
|
|
__asm__ __volatile__(".arch_extension mte; msr tco, %0" : : "r"(prev_tco_));
|
|
}
|
|
}
|
|
};
|
|
#else
|
|
struct ScopedDisableMTE {
|
|
// Silence unused variable warnings in non-aarch64 builds.
|
|
ScopedDisableMTE() {}
|
|
};
|
|
#endif
|