Fix/Add hardened malloc patchsets from GrapheneOS

11 8c0f3c0e04 11 4e6320c247 11 108754debb 10 818be3fc1d 10 010949662f 10 ede5e38f5b 9 80754c93bf 9 20160b8161 Signed-off-by: Tad <tad@spotco.us>
2024-06-26 14:42:13 +00:00 · 2022-03-15 16:06:13 -04:00 · 2022-03-15 16:06:13 -04:00 · 1878cd19ab
commit 1878cd19ab
parent 209481c53e
8 changed files with 218 additions and 3 deletions
--- a/Manifests/Manifest_LAOS-18.1.xml
+++ b/Manifests/Manifest_LAOS-18.1.xml
@ -70,6 +70,11 @@
 	<project path="external/chromium-webview" name="divested-mobile/mulch" groups="pdk" clone-depth="1" remote="gitlab" revision="master" />
 <!-- END OF BRANCH SWITCHING -->

+<!-- START OF ADDITIONAL REPOS -->
+	<!-- GrapheneOS
+	<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="9823dcad79b5dc735720790d27770231ec90fee8" /> -->
+<!-- END OF ADDITIONAL REPOS -->
+
 <!-- START OF DEVICE REPOS -->
 	<!-- Common -->
 	<project path="system/qcom" name="LineageOS/android_system_qcom" remote="github" />
--- a/Patches/LineageOS-16.0/android_system_core/0002-HM-Increase_vm_mmc.patch
+++ b/Patches/LineageOS-16.0/android_system_core/0002-HM-Increase_vm_mmc.patch
--- a/Patches/LineageOS-18.1/android_bionic/0001-HM-Use_HM.patch
+++ b/Patches/LineageOS-18.1/android_bionic/0001-HM-Use_HM.patch
@ -0,0 +1,161 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Wed, 5 Dec 2018 01:51:56 -0500
+Subject: [PATCH] use Scudo on 32-bit and hardened_malloc on 64-bit
+
+Co-authored-by: anupritaisno1 <www.anuprita804@gmail.com>
+Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
+Change-Id: Ib26dd69ff3bdcf4703ad51541ccb422e31a7c92d
+[tad@spotco.us]: disabled scudo for 32-bit like Lineage
+---
+ libc/Android.bp                  | 36 +++++++++++++---------
+ libc/bionic/h_malloc_wrapper.cpp | 51 ++++++++++++++++++++++++++++++++
+ libc/bionic/malloc_common.h      |  8 +++++
+ 3 files changed, 81 insertions(+), 14 deletions(-)
+ create mode 100644 libc/bionic/h_malloc_wrapper.cpp
+
+diff --git a/libc/Android.bp b/libc/Android.bp
+index ce714054a..78a7ef23c 100644
+--- a/libc/Android.bp
+++ b/libc/Android.bp
+@@ -50,6 +50,8 @@ libc_common_flags = [
+ 
+     // GWP-ASan requires platform TLS.
+     "-fno-emulated-tls",
+
+    "-DH_MALLOC_PREFIX",
+ ]
+ 
+ // Define some common cflags
+@@ -122,20 +124,18 @@ libc32_scudo_product_variables = {
+ // ========================================================
+ cc_defaults {
+     name: "libc_native_allocator_defaults",
+-
+-    whole_static_libs: [
+-        "libjemalloc5",
+-        "libc_jemalloc_wrapper",
+-    ],
+-    header_libs: ["gwp_asan_headers"],
+    whole_static_libs: ["libc_jemalloc_wrapper"],
+     multilib: {
+-        lib64: {
+-            product_variables: libc_scudo_product_variables,
+-        },
+         lib32: {
+             product_variables: libc32_scudo_product_variables,
+-        }
+        },
+        lib64: {
+            cflags: ["-DH_MALLOC_PREFIX"],
+            whole_static_libs: ["libhardened_malloc"],
+        },
+     },
+
+    header_libs: ["gwp_asan_headers"],
+ }
+ 
+ // Functions not implemented by jemalloc directly, or that need to
+@@ -143,12 +143,20 @@ cc_defaults {
+ cc_library_static {
+     name: "libc_jemalloc_wrapper",
+     defaults: ["libc_defaults"],
+-    srcs: ["bionic/jemalloc_wrapper.cpp"],
+    multilib: {
+        lib32: {
+            // Used to pull in the jemalloc/hardened_malloc include directory so that if the
+            // library is removed, the include directory is also removed.
+            srcs: ["bionic/jemalloc_wrapper.cpp"],
+            static_libs: ["libjemalloc5"],
+        },
+        lib64: {
+            srcs: ["bionic/h_malloc_wrapper.cpp"],
+            static_libs: ["libhardened_malloc"],
+        },
+    },
+     cflags: ["-fvisibility=hidden"],
+ 
+-    // Used to pull in the jemalloc include directory so that if the
+-    // library is removed, the include directory is also removed.
+-    static_libs: ["libjemalloc5"],
+ }
+ 
+ // ========================================================
+diff --git a/libc/bionic/h_malloc_wrapper.cpp b/libc/bionic/h_malloc_wrapper.cpp
+new file mode 100644
+index 000000000..5fb0968c2
+--- /dev/null
+++ b/libc/bionic/h_malloc_wrapper.cpp
+@@ -0,0 +1,51 @@
+#include <errno.h>
+#include <malloc.h>
+#include <sys/param.h>
+#include <unistd.h>
+
+#include <private/MallocXmlElem.h>
+
+#include "h_malloc.h"
+
+__BEGIN_DECLS
+int h_malloc_info(int options, FILE* fp);
+__END_DECLS
+
+int h_malloc_info(int options, FILE* fp) {
+  if (options != 0) {
+    errno = EINVAL;
+    return -1;
+  }
+
+  fflush(fp);
+  int fd = fileno(fp);
+  MallocXmlElem root(fd, "malloc", "version=\"jemalloc-1\"");
+
+  // Dump all of the large allocations in the arenas.
+  for (size_t i = 0; i < h_mallinfo_narenas(); i++) {
+    struct mallinfo mi = h_mallinfo_arena_info(i);
+    if (mi.hblkhd != 0) {
+      MallocXmlElem arena_elem(fd, "heap", "nr=\"%d\"", i);
+      {
+        MallocXmlElem(fd, "allocated-large").Contents("%zu", mi.ordblks);
+        MallocXmlElem(fd, "allocated-huge").Contents("%zu", mi.uordblks);
+        MallocXmlElem(fd, "allocated-bins").Contents("%zu", mi.fsmblks);
+
+        size_t total = 0;
+        for (size_t j = 0; j < h_mallinfo_nbins(); j++) {
+          struct mallinfo mi = h_mallinfo_bin_info(i, j);
+          if (mi.ordblks != 0) {
+            MallocXmlElem bin_elem(fd, "bin", "nr=\"%d\"", j);
+            MallocXmlElem(fd, "allocated").Contents("%zu", mi.ordblks);
+            MallocXmlElem(fd, "nmalloc").Contents("%zu", mi.uordblks);
+            MallocXmlElem(fd, "ndalloc").Contents("%zu", mi.fordblks);
+            total += mi.ordblks;
+          }
+        }
+        MallocXmlElem(fd, "bins-total").Contents("%zu", total);
+      }
+    }
+  }
+
+  return 0;
+}
+diff --git a/libc/bionic/malloc_common.h b/libc/bionic/malloc_common.h
+index 4afcc4a8d..cca9e5202 100644
+--- a/libc/bionic/malloc_common.h
+++ b/libc/bionic/malloc_common.h
+@@ -67,8 +67,16 @@ __END_DECLS
+ 
+ #else
+ 
+#ifdef __LP64__
+#include "h_malloc.h"
+#define Malloc(function)  h_ ## function
+__BEGIN_DECLS
+int h_malloc_info(int options, FILE* fp);
+__END_DECLS
+#else
+ #include "jemalloc.h"
+ #define Malloc(function)  je_ ## function
+#endif
+ 
+ #endif
+ 
--- a/Patches/LineageOS-18.1/android_build_soong/0002-hm_apex.patch
+++ b/Patches/LineageOS-18.1/android_build_soong/0002-hm_apex.patch
@ -0,0 +1,21 @@
+From 4e6320c247b78f456a83a0393360e7be1105eb5a Mon Sep 17 00:00:00 2001
+From: anupritaisno1 <www.anuprita804@gmail.com>
+Date: Sun, 13 Sep 2020 09:35:41 +0000
+Subject: [PATCH] make hardened malloc available to apexes
+
+---
+ apex/apex.go | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/apex/apex.go b/apex/apex.go
+index 7da8e1cf2..66534426a 100644
+--- a/apex/apex.go
+++ b/apex/apex.go
+@@ -570,6 +570,7 @@ func makeApexAvailableBaseline() map[string][]string {
+ 		"libdexfile_support",
+ 		"libdexfile_support_static",
+ 		"libdl_static",
+		"libhardened_malloc",
+ 		"libjemalloc5",
+ 		"liblinker_main",
+ 		"liblinker_malloc",
--- a/Patches/LineageOS-18.1/android_system_core/0003-HM-Increase_vm_mmc.patch
+++ b/Patches/LineageOS-18.1/android_system_core/0003-HM-Increase_vm_mmc.patch
@ -0,0 +1,22 @@
+From 8c0f3c0e04d279daf9f0e9a338c698ed95a026b6 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Thu, 13 Dec 2018 09:26:25 -0500
+Subject: [PATCH] increase max_map_count for hardened malloc
+
+---
+ rootdir/init.rc | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index a9af0b094da..9dd54445781 100644
+--- a/rootdir/init.rc
+++ b/rootdir/init.rc
+@@ -854,6 +854,8 @@ on boot
+     chown root system /sys/block/zram0/writeback
+     chmod 0664 /sys/block/zram0/writeback
+ 
+    write /proc/sys/vm/max_map_count 1048576
+
+     # Tweak background writeout
+     write /proc/sys/vm/dirty_expire_centisecs 200
+     write /proc/sys/vm/dirty_background_ratio  5
--- a/Scripts/LineageOS-16.0/Patch.sh
+++ b/Scripts/LineageOS-16.0/Patch.sh
@ -301,7 +301,7 @@ if enterAndClear "system/core"; then
 if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
 git revert --no-edit b3609d82999d23634c5e6db706a3ecbc5348309a; #Always update recovery
 applyPatch "$DOS_PATCHES/android_system_core/0001-Harden.patch"; #Harden mounts with nodev/noexec/nosuid + misc sysctl changes (GrapheneOS)
-if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES_COMMON/android_system_core/0001-HM-Increase_vm_mmc.patch"; fi; #(GrapheneOS)
+if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_system_core/0002-HM-Increase_vm_mmc.patch"; fi; #(GrapheneOS)
 fi;

 if enterAndClear "system/extras"; then
--- a/Scripts/LineageOS-18.1/Patch.sh
+++ b/Scripts/LineageOS-18.1/Patch.sh
@ -59,6 +59,10 @@ if enterAndClear "art"; then
 if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_art/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)
 fi;

+#if enterAndClear "bionic"; then
+#if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_bionic/0001-HM-Use_HM.patch"; fi; #(GrapheneOS) #XXX: needs to be verified
+#fi;
+
 if enterAndClear "bootable/recovery"; then
 applyPatch "$DOS_PATCHES/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch"; #Abort package installs if they are specific to a serial number (GrapheneOS)
 fi;
@ -76,6 +80,7 @@ fi;

 if enterAndClear "build/soong"; then
 applyPatch "$DOS_PATCHES/android_build_soong/0001-Enable_fwrapv.patch"; #Use -fwrapv at a minimum (GrapheneOS)
+#if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_bionic/0002-hm_apex.patch"; fi; #(GrapheneOS)
 fi;

 if enterAndClear "device/qcom/sepolicy-legacy"; then
@ -317,6 +322,7 @@ if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/h
 git revert --no-edit e8dcabaf6b55ec55eb73c4585501ddbafc04fc9b 79f606ece6b74652d374eb4f79de309a0aa81360; #insanity
 applyPatch "$DOS_PATCHES/android_system_core/0001-Harden.patch"; #Harden mounts with nodev/noexec/nosuid + misc sysctl changes (GrapheneOS)
 if [ "$DOS_GRAPHENE_PTRACE_SCOPE" = true ]; then applyPatch "$DOS_PATCHES/android_system_core/0002-ptrace_scope.patch"; fi; #Add a property for controlling ptrace_scope (GrapheneOS)
+#if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_system_core/0003-HM-Increase_vm_mmc.patch"; fi; #(GrapheneOS)
 fi;

 if enterAndClear "system/extras"; then
--- a/Scripts/init.sh
+++ b/Scripts/init.sh
@ -58,8 +58,8 @@ export DOS_DEBLOBBER_REPLACE_TIME=false; #Set true to replace Qualcomm Time Serv
 #Features
 export DOS_GPS_GLONASS_FORCED=false; #Enables GLONASS on all devices
 export DOS_GRAPHENE_CONSTIFY=true; #Enables 'Constify JNINativeMethod tables' patchset on 16.0+17.1+18.1
-export DOS_GRAPHENE_MALLOC=true; #Enables use of GrapheneOS' hardened memory allocator on 64-bit platforms on 16.0+17.1
-export DOS_GRAPHENE_EXEC=false; #Enables use of GrapheneOS' exec spawning feature on 16.0+17.1 XXX: broken (just on 17.1?)
+export DOS_GRAPHENE_MALLOC=true; #Enables use of GrapheneOS' hardened memory allocator on 64-bit platforms on 16.0+17.1+18.1
+export DOS_GRAPHENE_EXEC=false; #Enables use of GrapheneOS' exec spawning feature on 16.0+17.1+18.1 XXX: broken (just on 17.1?)
 export DOS_GRAPHENE_PTRACE_SCOPE=true; #Enables the ptrace_scope toggle patchset on 18.1
 export DOS_GRAPHENE_NETWORK_PERM=true; #Enables use of GrapheneOS' NETWORK permission on 17.1+18.1
 export DOS_HOSTS_BLOCKING=true; #Set false to prevent inclusion of a HOSTS file