Christian Göttsche 
								
							 
						 
						
							
							
							
							
								
							
							
								885a0490d0 
								
							 
						 
						
							
							
								
								ReadMe: adjust section about library location  
							
							
							
						 
						
							2024-10-21 18:33:56 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								b1d9571fec 
								
							 
						 
						
							
							
								
								remove trailing whitespace  
							
							
							
						 
						
							2024-10-12 03:23:52 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								e03579253a 
								
							 
						 
						
							
							
								
								preserve PROT_MTE when releasing memory  
							
							
							
						 
						
							2024-10-12 03:19:16 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								9739cb4690 
								
							 
						 
						
							
							
								
								use wrapper for calling memory_map_mte  
							
							
							
						 
						
							2024-10-12 03:19:03 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								aa950244f8 
								
							 
						 
						
							
							
								
								reuse code for memory_map_mte  
							
							... 
							
							
							
							This drops the separate error message since that doesn't seem useful. 
							
						 
						
							2024-10-12 03:18:36 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								6402e2b0d4 
								
							 
						 
						
							
							
								
								reduce probability hint for is_memtag_enabled  
							
							
							
						 
						
							2024-10-12 03:17:44 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								e86192e7fe 
								
							 
						 
						
							
							
								
								remove redundant warning switches for Android  
							
							... 
							
							
							
							Android already enables -Wall and -Wextra in the global soong build
settings. 
							
						 
						
							2024-10-09 19:57:15 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Julien Voisin 
								
							 
						 
						
							
							
							
							
								
							
							
								6ce663a8bd 
								
							 
						 
						
							
							
								
								Fix -Wimplicit-function-declaration error with gcc 14.  
							
							... 
							
							
							
							```
malloc_info.c: In function 'leak_memory':
malloc_info.c:12:12: error: implicit declaration of function 'malloc' [-Wimplicit-function-declaration]
   12 |     (void)!malloc(1024 * 1024 * 1024);
      |            ^~~~~~
malloc_info.c:10:1: note: include '<stdlib.h>' or provide a declaration of 'malloc'
    9 | #include "../util.h"
  +++ |+#include <stdlib.h>
   10 |
malloc_info.c:12:12: warning: incompatible implicit declaration of built-in function 'malloc' [-Wbuiltin-declaration-mismatch]
   12 |     (void)!malloc(1024 * 1024 * 1024);
      |            ^~~~~~
```
Taken from https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/72971/ 
Co-authored-by: @mio 
							
						 
						
							2024-10-03 23:44:15 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									maade93791 
								
							 
						 
						
							
							
							
							
								
							
							
								9ca9d2d925 
								
							 
						 
						
							
							
								
								android: use more basic CPU target for memtag  
							
							... 
							
							
							
							This is required for hardened_malloc to work in microdroid on MTE-enabled devices (currently, 8th
and 9th generation Pixels) since PVMFW only supports ARMv8 cores.
https://android.googlesource.com/platform/packages/modules/Virtualization/+/refs/tags/android-15.0.0_r1/pvmfw/platform.dts#100  
							
						 
						
							2024-09-09 19:22:23 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								3f07acfab1 
								
							 
						 
						
							
							
								
								update libdivide to 5.1  
							
							
							
						 
						
							2024-08-05 02:25:55 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								749640c274 
								
							 
						 
						
							
							
								
								update copyright notice  
							
							
							
						 
						
							2024-02-15 02:57:33 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								7268189933 
								
							 
						 
						
							
							
								
								mte: use tag 0 for freed slots, stop reserving tag 15  
							
							
							
						 
						
							2024-01-23 12:56:54 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								3c1f40aff0 
								
							 
						 
						
							
							
								
								amend memory tagging README section  
							
							... 
							
							
							
							Memory tagging is enabled by default in bionic, but can be disabled at any point.
Memory tagging can't be re-enabled after it's disabled. 
							
						 
						
							2024-01-23 12:56:54 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								5fbbdc2ef8 
								
							 
						 
						
							
							
								
								memtag_test: add test for MADV_DONTNEED behavior  
							
							
							
						 
						
							2024-01-23 12:56:54 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								7d2151e40c 
								
							 
						 
						
							
							
								
								mte: remove util.h dependency from arm_mte.h  
							
							... 
							
							
							
							It's needed for including arm_mte.h into memtag_test.cc 
							
						 
						
							2024-01-23 12:56:54 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								4756716904 
								
							 
						 
						
							
							
								
								memtag_test: move SEGV code checks to device-side binary  
							
							
							
						 
						
							2024-01-23 12:56:54 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								a3bf742c3e 
								
							 
						 
						
							
							
								
								remove trailing whitespace  
							
							
							
						 
						
							2024-01-03 14:44:08 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Julien Voisin 
								
							 
						 
						
							
							
							
							
								
							
							
								53a45b4661 
								
							 
						 
						
							
							
								
								Improve a bit the formulation of the MTE documentation  
							
							
							
						 
						
							2024-01-03 13:40:42 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								abe54dba27 
								
							 
						 
						
							
							
								
								update memory tagging documentation  
							
							
							
						 
						
							2024-01-03 12:22:56 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								365ee6900d 
								
							 
						 
						
							
							
								
								android: restore the default SIGABRT handler in fatal_error()  
							
							... 
							
							
							
							async_safe_fatal() calls abort() at the end, which can be intercepted by a custom SIGABRT handler.
In particular, crashlytics installs such a handler and tries to fork() after catching SIGABRT.
hardened_malloc uses pthread_atfork() to register fork handlers. These handlers try to lock internal
hardened_malloc mutexes. If at least one of those mutexes is already locked, which is usually the
case, thread that called fatai_error() gets deadlocked, while the other threads (if there are any)
continue to run. 
							
						 
						
							2023-12-31 11:21:28 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Christian Göttsche 
								
							 
						 
						
							
							
							
							
								
							
							
								7093fdc482 
								
							 
						 
						
							
							
								
								README: add note about AppArmor constraint on Debian  
							
							
							
						 
						
							2023-12-14 09:06:32 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									jvoisin 
								
							 
						 
						
							
							
							
							
								
							
							
								61821b02c8 
								
							 
						 
						
							
							
								
								Clarify a bit why a particular magic number was chosen  
							
							
							
						 
						
							2023-11-16 14:25:54 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								3c274731ba 
								
							 
						 
						
							
							
								
								Revert "use safe_flag for -fstack-clash-protection"  
							
							... 
							
							
							
							This reverts commit 4171bd164e 
							
						 
						
							2023-11-14 16:19:33 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								4171bd164e 
								
							 
						 
						
							
							
								
								use safe_flag for -fstack-clash-protection  
							
							
							
						 
						
							2023-11-08 14:21:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									jvoisin 
								
							 
						 
						
							
							
							
							
								
							
							
								352c083f65 
								
							 
						 
						
							
							
								
								Run the testsuite on multiple compiler versions  
							
							
							
						 
						
							2023-11-05 17:58:32 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								88b3c1acf9 
								
							 
						 
						
							
							
								
								memtag_test: fix sporadic failures of overflow/underflow tests  
							
							
							
						 
						
							2023-11-01 17:33:20 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel Micay 
								
							 
						 
						
							
							
							
							
								
							
							
								f793a3edf6 
								
							 
						 
						
							
							
								
								update README now that MTE is implemented  
							
							
							
						 
						
							2023-10-30 14:23:48 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								fd75fc1ba8 
								
							 
						 
						
							
							
								
								mte: add scudo to CREDITS file  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								72dc236d5f 
								
							 
						 
						
							
							
								
								mte: add untag_pointer() variant for const pointers  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								be08eeee2d 
								
							 
						 
						
							
							
								
								mte: update comment about skipped tag array update in deallocate_small()  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								25f0fe9c69 
								
							 
						 
						
							
							
								
								remove an always-true sizeof(u8) assert  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								c75cb4c3f3 
								
							 
						 
						
							
							
								
								mte: refactor tag_and_clear_slab_slot()  
							
							... 
							
							
							
							Explicitly call is_memtag_enabled() before calling tag_and_clear_slab_slot() to make it clearer that
memory is not zeroed when MTE is disabled. 
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								b560431c01 
								
							 
						 
						
							
							
								
								mte: note why 0 tag is excluded  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								009f2dad76 
								
							 
						 
						
							
							
								
								mte: note alignment requirements of arm_mte_tag_and_clear_mem()  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								03883eb2ce 
								
							 
						 
						
							
							
								
								mte: rename arm_mte_store_tags_and_clear() to arm_mte_tag_and_clear_mem()  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								7a6dbd8152 
								
							 
						 
						
							
							
								
								mte: add comment about the reserved slab canary value  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								f16ef601d4 
								
							 
						 
						
							
							
								
								memtag_test: improve capturing of test results  
							
							... 
							
							
							
							Using debuggerd + logcat parsing is unreliable and slow, print SEGV signal code to stderr instead. 
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								155800526a 
								
							 
						 
						
							
							
								
								memtag_test: improve tag_distinctness test  
							
							... 
							
							
							
							- check that tag distinctess checks are actually reached (it was previously verified manually by
looking at the now-removed printf output)
- check that only non-reserved tags are used
- check that all of non-reserved tags are used
- print tag usage statistics at the end of run 
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								28d5d394cf 
								
							 
						 
						
							
							
								
								memtag_test: remove usages of rand()  
							
							... 
							
							
							
							It didn't work correctly due to not being seeded and its usage wasn't necessary. 
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								577d9583eb 
								
							 
						 
						
							
							
								
								mte: add licensing info for code that was copied from scudo  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								93aa9eefe4 
								
							 
						 
						
							
							
								
								mte: make h_malloc_disable_memory_tagging() thread-safe  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								01a199e19e 
								
							 
						 
						
							
							
								
								mte: move is_memtag_enabled to read-only allocator data  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								576328b1b4 
								
							 
						 
						
							
							
								
								android: add MTE tests  
							
							... 
							
							
							
							To run them, connect an MTE-enabled device via adb and execute `atest HMallocTest:MemtagTest`.
Since these tests are not deterministic (and neither is hardened_malloc itself), it's better to run
them multiple times, e.g. `atest --iterations 30 HMallocTest:MemtagTest`.
There are also CTS tests that are useful for checking correctness of the Android integration:
`atest CtsTaggingHostTestCases` 
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								5137d2da4d 
								
							 
						 
						
							
							
								
								android: enable MTE on devices that declare having it  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								f042a6b9b0 
								
							 
						 
						
							
							
								
								android: add function for disabling MTE at runtime  
							
							... 
							
							
							
							On Android, MTE is always enabled in Zygote, and is disabled after fork for apps that didn't opt-in
to MTE.
Depends on the slab canary adjustments in the previous commit. 
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								001fc86585 
								
							 
						 
						
							
							
								
								mte: disable slab canaries when MTE is on  
							
							... 
							
							
							
							Canary with the "0" value is now reserved to support re-enabling slab canaries if MTE is turned off
at runtime. 
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								70c91f4c3e 
								
							 
						 
						
							
							
								
								mte: disable write-after-free check for slab allocations when MTE is on  
							
							... 
							
							
							
							Freed slab memory is tagged with a reserved tag value that is never used for live allocations. 
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								e3686ae457 
								
							 
						 
						
							
							
								
								add support for Arm MTE memory tagging  
							
							... 
							
							
							
							- tag slab allocations with [1..14] tags
- tag freed slab allocations with the "15" tag value to detect accesses to freed slab memory
- when generating tag value for a slab slot, always exclude most recent tag value for that slot
(to make use-after-free detection more reliable) and most recent tag values of its immediate
neighbors (to detect linear overflows and underflows) 
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								19a46e0f96 
								
							 
						 
						
							
							
								
								add helper functions for using u8 array as u4 array  
							
							
							
						 
						
							2023-10-30 14:20:53 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Dmitry Muhomor 
								
							 
						 
						
							
							
							
							
								
							
							
								8d5c631224 
								
							 
						 
						
							
							
								
								android: implement fatal_error() via async_safe_fatal()  
							
							... 
							
							
							
							async_safe_fatal() performs the following steps:
- logs the error message to stderr and logcat
- passes error message to debuggerd via android_set_abort_message(). debuggerd then saves the error
message in the crash report file ("tombstone")
- calls abort() 
							
						 
						
							2023-09-28 13:47:11 -04:00