[all-commits] [llvm/llvm-project] c299d1: scudo: Add initial memory tagging support.

pcc via All-commits all-commits at lists.llvm.org
Thu Jan 16 13:28:21 PST 2020


  Branch: refs/heads/master
  Home:   https://github.com/llvm/llvm-project
  Commit: c299d1981deaf822dfaa06c791f3158bd6801e20
      https://github.com/llvm/llvm-project/commit/c299d1981deaf822dfaa06c791f3158bd6801e20
  Author: Peter Collingbourne <peter at pcc.me.uk>
  Date:   2020-01-16 (Thu, 16 Jan 2020)

  Changed paths:
    M compiler-rt/lib/scudo/standalone/allocator_config.h
    M compiler-rt/lib/scudo/standalone/combined.h
    M compiler-rt/lib/scudo/standalone/common.h
    M compiler-rt/lib/scudo/standalone/linux.cpp
    A compiler-rt/lib/scudo/standalone/memtag.h
    M compiler-rt/lib/scudo/standalone/primary32.h
    M compiler-rt/lib/scudo/standalone/primary64.h
    M compiler-rt/lib/scudo/standalone/tests/combined_test.cpp
    M compiler-rt/lib/scudo/standalone/tests/primary_test.cpp
    M compiler-rt/lib/scudo/standalone/wrappers_c.inc

  Log Message:
  -----------
  scudo: Add initial memory tagging support.

When the hardware and operating system support the ARM Memory Tagging
Extension, tag primary allocation granules with a random tag. The granules
either side of the allocation are tagged with tag 0, which is normally
excluded from the set of tags that may be selected randomly. Memory is
also retagged with a random tag when it is freed, and we opportunistically
reuse the new tag when the block is reused to reduce overhead. This causes
linear buffer overflows to be caught deterministically and non-linear buffer
overflows and use-after-free to be caught probabilistically.

This feature is currently only enabled for the Android allocator
and depends on an experimental Linux kernel branch available here:
https://github.com/pcc/linux/tree/android-experimental-mte

All code that depends on the kernel branch is hidden behind a macro,
ANDROID_EXPERIMENTAL_MTE. This is the same macro that is used by the Android
platform and may only be defined in non-production configurations. When the
userspace interface is finalized the code will be updated to use the stable
interface and all #ifdef ANDROID_EXPERIMENTAL_MTE will be removed.

Differential Revision: https://reviews.llvm.org/D70762
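
The tagging scheme described in the log message, modelled in software as an added example; this is not code from the commit or from scudo. The block layout (one header granule plus three data granules), the function names, and drawing the free-time tag from all 15 nonzero tags are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define GRANULE 16        /* MTE tags memory in 16-byte granules */
#define BLOCK_GRANULES 4  /* assumed layout: 1 header granule + 3 data granules */
#define NBLOCKS 8

static uint8_t mem_tag[NBLOCKS * BLOCK_GRANULES]; /* simulated tag storage, starts all 0 */
typedef struct { size_t addr; uint8_t tag; } tagged_ptr; /* address plus pointer tag */

/* Tag 0 is excluded, so a random tag never matches a header (guard) granule. */
static uint8_t random_tag(void) { return (uint8_t)(1 + rand() % 15); }

static void tag_data(size_t block, uint8_t tag) {
    for (size_t g = 1; g < BLOCK_GRANULES; g++)   /* granule 0 (header) stays tag 0 */
        mem_tag[block * BLOCK_GRANULES + g] = tag;
}

/* Models the hardware check: access allowed only if pointer tag == memory tag. */
static int access_ok(tagged_ptr p, long offset) {
    size_t g = (size_t)((long)p.addr + offset) / GRANULE;
    return g < sizeof(mem_tag) && mem_tag[g] == p.tag;
}

/* Allocate: reuse the tag written at free time if present, else draw a new one. */
static tagged_ptr sim_alloc(size_t block) {
    size_t first = block * BLOCK_GRANULES + 1;
    if (mem_tag[first] == 0)
        tag_data(block, random_tag());
    return (tagged_ptr){ first * GRANULE, mem_tag[first] };
}

/* Free: retag, so stale pointers mismatch unless the same tag is drawn again. */
static uint8_t sim_free(size_t block) {
    uint8_t t = random_tag();
    tag_data(block, t);
    return t;
}

int main(void) {
    tagged_ptr p = sim_alloc(2);
    printf("in-bounds=%d overflow=%d underflow=%d\n",
           access_ok(p, 0), access_ok(p, 48), access_ok(p, -1));
    uint8_t t = sim_free(2);
    printf("use-after-free caught=%d (old tag %u, new tag %u)\n", !access_ok(p, 0), p.tag, t);
    return 0;
}
```

The one-past-the-end and one-before-the-start accesses always land on a tag-0 granule and fail, while the stale pointer is rejected only when the free-time tag differs from the old one.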



