Gitiles
Code Review Sign In
gerrit.omnirom.org / android_bionic / e8139f585a6580a3fd3265efeb88dd8842d23ee3^! / . / linker / linker_soinfo.h
commite8139f585a6580a3fd3265efeb88dd8842d23ee3[log] [tgz]
authorMitch Phillips <mitchp@google.com>Wed Nov 23 15:18:01 2022 -0800
committerMitch Phillips <mitchp@google.com>Mon Nov 20 15:53:06 2023 +0100
tree28280f407c09a9442c825e413d134ce704541989
parent77704b750553538bc1dc8647f7e53dcafc2e5c4f [diff] [blame]
Linker support for MTE globals.

This patch adds the necessary bionic code for the linker to protect
global data using MTE.

The implementation is described in the MemtagABI addendum to the
AArch64 ELF ABI:
https://github.com/ARM-software/abi-aa/blob/main/memtagabielf64/memtagabielf64.rst

In summary, this patch includes:

1. When MTE globals is requested, the linker maps writable SHF_ALLOC
   sections as anonymous pages with PROT_MTE (copying the file contents
   into the anonymous mapping), rather than using a file-backed private
   mapping. This is required as file-based mappings are not necessarily
   backed by the kernel with tag-capable memory. For sections already
   mapped by the kernel when the linker is invoked via. PT_INTERP, we
   unmap the contents, remap a PROT_MTE+anonymous mapping in its place,
   and re-load the file contents from disk.

2. When MTE globals is requested, the linker tags areas of global memory
   (as defined in SHT_AARCH64_MEMTAG_GLOBALS_DYNAMIC) with random tags,
   but ensuring that adjacent globals are never tagged using the same
   memory tag (to provide detemrinistic overflow detection).

3. Changes to RELATIVE, ABS64, and GLOB_DAT relocations to load and
   store tags in the right places. This ensures that the address tags are
   materialized into the GOT entries as well. These changes are a
   functional no-op to existing binaries and/or non-MTE capable hardware.

Bug: N/A
Test: atest bionic-unit-tests CtsBionicTestCases --test-filter=*Memtag*

Change-Id: Id7b1a925339b14949d5a8f607dd86928624bda0e

diff --git a/linker/linker_soinfo.h b/linker/linker_soinfo.h
index 622719d..092cbcc 100644
--- a/linker/linker_soinfo.h
+++ b/linker/linker_soinfo.h

@@ -66,9 +66,10 @@
                                          // soinfo is executed and this flag is
                                          // unset.
 #define FLAG_PRELINKED        0x00000400 // prelink_image has successfully processed this soinfo
+#define FLAG_GLOBALS_TAGGED 0x00000800   // globals have been tagged by MTE.
 #define FLAG_NEW_SOINFO       0x40000000 // new soinfo format
 
-#define SOINFO_VERSION 6
+#define SOINFO_VERSION 7
 
 ElfW(Addr) call_ifunc_resolver(ElfW(Addr) resolver_addr);
 
@@ -257,6 +258,8 @@
                   const android_dlextinfo* extinfo, size_t* relro_fd_offset);
   bool protect_relro();
 
+  void tag_globals();
+
   void add_child(soinfo* child);
   void remove_all_links();