mirror of
https://github.com/GrapheneOS/hardened_malloc.git
synced 2025-05-24 08:51:14 -04:00
add support for Arm MTE memory tagging
- tag slab allocations with [1..14] tags - tag freed slab allocations with the "15" tag value to detect accesses to freed slab memory - when generating tag value for a slab slot, always exclude most recent tag value for that slot (to make use-after-free detection more reliable) and most recent tag values of its immediate neighbors (to detect linear overflows and underflows)
This commit is contained in:
Dmitry Muhomor
parent
a7382cb0bb
commit
52fcaf55d6
5 changed files with 254 additions and 6 deletions
52
memtag.h
Normal file
52
memtag.h
Normal file
|
|
@ -0,0 +1,52 @@
|
|||
#ifndef MEMTAG_H
|
||||
#define MEMTAG_H
|
||||
|
||||
#include "util.h"
|
||||
|
||||
#ifdef HAS_ARM_MTE
|
||||
#include "arm_mte.h"
|
||||
#define MEMTAG 1
|
||||
#define RESERVED_TAG 15
|
||||
#define TAG_WIDTH 4
|
||||
#endif
|
||||
|
||||
#ifdef MEMTAG
|
||||
extern bool __is_memtag_enabled;
|
||||
#endif
|
||||
|
||||
static inline bool is_memtag_enabled(void) {
|
||||
#ifdef MEMTAG
|
||||
return __is_memtag_enabled;
|
||||
#else
|
||||
return false;
|
||||
#endif
|
||||
}
|
||||
|
||||
static inline void *untag_pointer(void *ptr) {
|
||||
#ifdef HAS_ARM_MTE
|
||||
const uintptr_t mask = UINTPTR_MAX >> 8;
|
||||
return (void *) ((uintptr_t) ptr & mask);
|
||||
#else
|
||||
return ptr;
|
||||
#endif
|
||||
}
|
||||
|
||||
static inline void *set_pointer_tag(void *ptr, u8 tag) {
|
||||
#ifdef HAS_ARM_MTE
|
||||
return (void *) (((uintptr_t) tag << 56) | (uintptr_t) untag_pointer(ptr));
|
||||
#else
|
||||
(void) tag;
|
||||
return ptr;
|
||||
#endif
|
||||
}
|
||||
|
||||
static inline u8 get_pointer_tag(void *ptr) {
|
||||
#ifdef HAS_ARM_MTE
|
||||
return (((uintptr_t) ptr) >> 56) & 0xf;
|
||||
#else
|
||||
(void) ptr;
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
#endif
|
||||
Loading…
Add table
Add a link
Reference in a new issue