From 96836f463b9c5fe4af85ef85b725fe5a295334db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Wed, 24 Jul 2024 17:20:07 +0200 Subject: [PATCH] linux: make use of mseal(2) Instead of protecting the global read-only data structure after startup via the read-only flag, which can be reverted, use the in Linux 6.10 introduced irreversible syscall mseal(2). --- h_malloc.c | 5 +++++ memory.c | 18 ++++++++++++++++++ memory.h | 1 + 3 files changed, 24 insertions(+) diff --git a/h_malloc.c b/h_malloc.c index 15be0a2..6ff13a4 100644 --- a/h_malloc.c +++ b/h_malloc.c @@ -1285,7 +1285,12 @@ COLD static void init_slow_path(void) { atomic_store_explicit(&ro.slab_region_end, slab_region_end, memory_order_release); +#if defined(__ANDROID__) && defined(HAS_ARM_MTE) + /* Do not seal to support disabling memory tagging */ if (unlikely(memory_protect_ro(&ro, sizeof(ro)))) { +#else + if (unlikely(memory_protect_seal(&ro, sizeof(ro)))) { +#endif fatal_error("failed to protect allocator data"); } memory_set_name(&ro, sizeof(ro), "malloc read-only after init"); diff --git a/memory.c b/memory.c index 5434060..1a354ae 100644 --- a/memory.c +++ b/memory.c @@ -1,6 +1,8 @@ #include +#include #include +#include #ifdef LABEL_MEMORY #include @@ -83,6 +85,22 @@ bool memory_protect_rw_metadata(void *ptr, size_t size) { return memory_protect_prot(ptr, size, PROT_READ|PROT_WRITE, get_metadata_key()); } +COLD bool memory_protect_seal(void *ptr, size_t size) { +#if defined(__linux__) && defined(__NR_mseal) + /* supported since Linux 6.10 */ + int ret = syscall(__NR_mseal, ptr, size, 0); + if (ret == 0) + return false; + if (unlikely(errno == ENOMEM)) + return true; + if (errno == ENOSYS) + return memory_protect_ro(ptr, size); + fatal_error("non-ENOMEM and non-ENOSYS mseal failure"); +#else + return memory_protect_ro(ptr, size); +#endif +} + #ifdef HAVE_COMPATIBLE_MREMAP bool memory_remap(void *old, size_t old_size, size_t new_size) { void *ptr = mremap(old, old_size, new_size, 0); diff --git a/memory.h b/memory.h index 6e4cd4d..12fb78b 100644 --- a/memory.h +++ b/memory.h @@ -19,6 +19,7 @@ bool memory_unmap(void *ptr, size_t size); bool memory_protect_ro(void *ptr, size_t size); bool memory_protect_rw(void *ptr, size_t size); bool memory_protect_rw_metadata(void *ptr, size_t size); +bool memory_protect_seal(void *ptr, size_t size); #ifdef HAVE_COMPATIBLE_MREMAP bool memory_remap(void *old, size_t old_size, size_t new_size); bool memory_remap_fixed(void *old, size_t old_size, void *new, size_t new_size);