chromium/src
0
Fork 0
Code Activity

Improve enabling logic for MTE

Browse Source 
Detects when MTE cannot be enabled due to MTE not enabled at startup.
And handles it without crashing.

Also adds logging.

Change-Id: Iddcefed38eba729af4ae92ca94a25e3c7cb40a98
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5999854
Reviewed-by: Takashi Sakamoto <tasak@google.com>
Commit-Queue: Keishi Hattori <keishi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1379545}
This commit is contained in:
Keishi Hattori
2024-11-07 09:22:19 +00:00
committed by Chromium LUCI CQ
parent cc9bcfc4cf
commit 3d5865e0a2
1 changed files with 40 additions and 17 deletions

57
base/allocator/partition_alloc_support.cc

@@ -1051,17 +1051,37 @@ void PartitionAllocSupport::ReconfigureAfterFeatureListInit(
// check here too to wrap the GetMemoryTaggingModeForCurrentThread() call. // check here too to wrap the GetMemoryTaggingModeForCurrentThread() call.
if (!base::FeatureList::IsEnabled( if (!base::FeatureList::IsEnabled(
base::features::kKillPartitionAllocMemoryTagging)) { base::features::kKillPartitionAllocMemoryTagging)) {
// If synchronous mode is enabled from startup it means this is a test and // If synchronous mode is enabled from startup it means this is a test or it
// memory tagging should be enabled. // was force enabled in Chrome some how so honor that choice.
if (partition_alloc::internal::GetMemoryTaggingModeForCurrentThread() == partition_alloc::TagViolationReportingMode
startup_memory_tagging_reporting_mode =
partition_alloc::internal::GetMemoryTaggingModeForCurrentThread();
if (startup_memory_tagging_reporting_mode ==
partition_alloc::TagViolationReportingMode::kSynchronous) { partition_alloc::TagViolationReportingMode::kSynchronous) {
enable_memory_tagging = true; enable_memory_tagging = true;
memory_tagging_reporting_mode = memory_tagging_reporting_mode =
partition_alloc::TagViolationReportingMode::kSynchronous; partition_alloc::TagViolationReportingMode::kSynchronous;
// Not enabling permissive mode as this config is used to crash and detect
// bugs.
VLOG(1) << "PartitionAlloc: Memory tagging enabled in SYNC mode at "
"startup (Process: "
<< process_type << ")";
} else { } else {
enable_memory_tagging = ShouldEnableMemoryTagging(process_type); enable_memory_tagging = ShouldEnableMemoryTagging(process_type);
#if BUILDFLAG(IS_ANDROID) #if BUILDFLAG(IS_ANDROID)
// Android Scudo does not allow MTE to be re-enabled if MTE was disabled.
if (enable_memory_tagging &&
startup_memory_tagging_reporting_mode ==
partition_alloc::TagViolationReportingMode::kDisabled) {
LOG(ERROR) << "PartitionAlloc: Failed to enable memory tagging due to "
"MTE disabled at startup (Process: "
<< process_type << ")";
debug::DumpWithoutCrashing();
enable_memory_tagging = false;
}
if (enable_memory_tagging) { if (enable_memory_tagging) {
// Configure MTE.
switch (base::features::kMemtagModeParam.Get()) { switch (base::features::kMemtagModeParam.Get()) {
case base::features::MemtagMode::kSync: case base::features::MemtagMode::kSync:
memory_tagging_reporting_mode = memory_tagging_reporting_mode =
@@ -1072,15 +1092,28 @@ void PartitionAllocSupport::ReconfigureAfterFeatureListInit(
partition_alloc::TagViolationReportingMode::kAsynchronous; partition_alloc::TagViolationReportingMode::kAsynchronous;
break; break;
} }
partition_alloc::PermissiveMte::SetEnabled(base::FeatureList::IsEnabled( bool enable_permissive_mte = base::FeatureList::IsEnabled(
base::features::kPartitionAllocPermissiveMte)); base::features::kPartitionAllocPermissiveMte);
partition_alloc::PermissiveMte::SetEnabled(enable_permissive_mte);
CHECK(partition_alloc::internal:: CHECK(partition_alloc::internal::
ChangeMemoryTaggingModeForAllThreadsPerProcess( ChangeMemoryTaggingModeForAllThreadsPerProcess(
memory_tagging_reporting_mode)); memory_tagging_reporting_mode));
CHECK_EQ( CHECK_EQ(
partition_alloc::internal::GetMemoryTaggingModeForCurrentThread(), partition_alloc::internal::GetMemoryTaggingModeForCurrentThread(),
memory_tagging_reporting_mode); memory_tagging_reporting_mode);
VLOG(1)
<< "PartitionAlloc: Memory tagging enabled in "
<< (memory_tagging_reporting_mode ==
partition_alloc::TagViolationReportingMode::kSynchronous
? "SYNC"
: "ASYNC")
<< " mode (Process: " << process_type << ")";
if (enable_permissive_mte) {
VLOG(1) << "PartitionAlloc: Permissive MTE enabled (Process: "
<< process_type << ")";
}
} else if (base::CPU::GetInstanceNoAllocation().has_mte()) { } else if (base::CPU::GetInstanceNoAllocation().has_mte()) {
// Disable MTE.
memory_tagging_reporting_mode = memory_tagging_reporting_mode =
partition_alloc::TagViolationReportingMode::kDisabled; partition_alloc::TagViolationReportingMode::kDisabled;
CHECK(partition_alloc::internal:: CHECK(partition_alloc::internal::
@@ -1089,24 +1122,14 @@ void PartitionAllocSupport::ReconfigureAfterFeatureListInit(
CHECK_EQ( CHECK_EQ(
partition_alloc::internal::GetMemoryTaggingModeForCurrentThread(), partition_alloc::internal::GetMemoryTaggingModeForCurrentThread(),
memory_tagging_reporting_mode); memory_tagging_reporting_mode);
VLOG(1) << "PartitionAlloc: Memory tagging disabled (Process: "
<< process_type << ")";
} }
#endif // BUILDFLAG(IS_ANDROID) #endif // BUILDFLAG(IS_ANDROID)
} }
} }
#endif // PA_BUILDFLAG(HAS_MEMORY_TAGGING) #endif // PA_BUILDFLAG(HAS_MEMORY_TAGGING)
if (enable_memory_tagging) {
CHECK((memory_tagging_reporting_mode ==
partition_alloc::TagViolationReportingMode::kSynchronous) ||
(memory_tagging_reporting_mode ==
partition_alloc::TagViolationReportingMode::kAsynchronous));
} else {
CHECK((memory_tagging_reporting_mode ==
partition_alloc::TagViolationReportingMode::kUndefined) ||
(memory_tagging_reporting_mode ==
partition_alloc::TagViolationReportingMode::kDisabled));
}
allocator_shim::UseSmallSingleSlotSpans use_small_single_slot_spans( allocator_shim::UseSmallSingleSlotSpans use_small_single_slot_spans(
base::FeatureList::IsEnabled( base::FeatureList::IsEnabled(
features::kPartitionAllocUseSmallSingleSlotSpans)); features::kPartitionAllocUseSmallSingleSlotSpans));