[PATCH] D70762: scudo: Add initial memory tagging support.
Peter Collingbourne via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Wed Nov 27 14:09:41 PST 2019
pcc added a comment.
In D70762#1762324 <https://reviews.llvm.org/D70762#1762324>, @hctim wrote:
> > The granules
> > either side of the allocation are tagged with tag 0, which is normally
> > excluded from the set of tags that may be selected randomly
>
> It seems valuable to have the LHS and RHS of an allocation as a nonzero tag. IIUC, the chunk header is on the LHS for primary allocations, and making the header MTE-protected (the tag can be stored in the Primary allocator struct somewhere) seems like a good additional security step to make it unwriteable from a deterministic (zeroed) pointer.
It's already protected by using tag 0, which we don't use in heap pointers, so I'm not sure what your concern is.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D70762/new/
https://reviews.llvm.org/D70762
More information about the llvm-commits
mailing list