From a22b75f63ac2dcaaf9d7df847dc9252e59dd81c1 Mon Sep 17 00:00:00 2001 From: Stephen Crane Date: Tue, 24 Jan 2023 19:36:36 -0800 Subject: [PATCH] Move ia2_get_pkey into libia2 We need to use ia2_get_pkey from outside the allocator library, so this change moves that function into libia2 where it can be shared for both. --- .../partition_allocator/partition_bucket.cc | 2 +- libia2/ia2.c | 68 +++++++++++++++++ libia2/include/ia2.h | 10 +++ partition-alloc/CMakeLists.txt | 2 + partition-alloc/src/allocator_shim.cc | 74 +------------------ scripts/partition_alloc/partition_alloc.diff | 2 +- 6 files changed, 83 insertions(+), 75 deletions(-) diff --git a/external/chromium/src/base/allocator/partition_allocator/partition_bucket.cc b/external/chromium/src/base/allocator/partition_allocator/partition_bucket.cc index c27030ddd..045ae438b 100644 --- a/external/chromium/src/base/allocator/partition_allocator/partition_bucket.cc +++ b/external/chromium/src/base/allocator/partition_allocator/partition_bucket.cc @@ -42,7 +42,7 @@ #endif // BUILDFLAG(STARSCAN) #include -#include +#include namespace partition_alloc::internal { diff --git a/libia2/ia2.c b/libia2/ia2.c index e67070d15..636ad2925 100644 --- a/libia2/ia2.c +++ b/libia2/ia2.c 
@@ -5,6 +5,74 @@ #include "ia2.h" +#ifdef LIBIA2_INSECURE +size_t ia2_get_pkey() { return 0; } +#else +size_t ia2_get_pkey() { + uint32_t pkru; + __asm__("rdpkru" : "=a"(pkru) : "a"(0), "d"(0), "c"(0)); + switch (pkru) { + case 0xFFFFFFFC: { + return 0; + } + case 0xFFFFFFF0: { + return 1; + } + case 0xFFFFFFCC: { + return 2; + } + case 0xFFFFFF3C: { + return 3; + } + case 0xFFFFFCFC: { + return 4; + } + case 0xFFFFF3FC: { + return 5; + } + case 0xFFFFCFFC: { + return 6; + } + case 0xFFFF3FFC: { + return 7; + } + case 0xFFFCFFFC: { + return 8; + } + case 0xFFF3FFFC: { + return 9; + } + case 0xFFCFFFFC: { + return 10; + } + case 0xFF3FFFFC: { + return 11; + } + case 0xFCFFFFFC: { + return 12; + } + case 0xF3FFFFFC: { + return 13; + } + case 0xCFFFFFFC: { + return 14; + } + case 0x3FFFFFFC: { + return 15; + } + // TODO: We currently treat any unexpected PKRU value as pkey 0 (the shared + // heap) for simplicity since glibc(?) initializes the PKRU to 0x55555554 + // (usually). We don't set the PKRU until the first compartment transition, so + // let's default to using the shared heap before our first wrpkru. When we + // initialize the PKRU properly (see issue #95) we should probably abort when + // we see unexpected PKRU values. + default: { + return 0; + } + } +} +#endif // LIBIA2_INSECURE + static const char *shared_sections[][2] = { {"__start_ia2_shared_data", "__stop_ia2_shared_data"}, }; diff --git a/libia2/include/ia2.h b/libia2/include/ia2.h index f8a071a81..b5ebdfd5d 100644 --- a/libia2/include/ia2.h +++ b/libia2/include/ia2.h @@ -100,6 +100,12 @@ static uint32_t ia2_get_pkru() { #define IA2_IGNORE_FIELD(decl) decl +#ifdef __cplusplus +extern "C" { +#endif + +size_t ia2_get_pkey(); + /// Protect pages in the given shared object /// /// \param info dynamic linker information for the current object 
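Review bot: The `default:` branch of `ia2_get_pkey` in libia2/ia2.c returns 0 for every PKRU value the switch does not list, so now that the function is exported from libia2, a caller outside the allocator cannot tell "running with pkey 0" from "PKRU not recognised". The existing TODO explains why the allocator wants the shared heap before the first wrpkru, but any new caller that bases an access or placement decision on the result inherits that fail-open default. Until the abort mentioned in the TODO lands, I would state the contract at the branch, e.g. `// NOTE: 0 is also returned for any unrecognised PKRU; callers must not treat it as proof of compartment 0`. The function also repeats the rdpkru inline asm although ia2.h appears to provide `ia2_get_pkru()` (visible only as the context of the header hunk), so `uint32_t pkru = ia2_get_pkru();` would keep a single copy of the asm, assuming that helper returns the raw register.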
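Review bot: The new declaration `size_t ia2_get_pkey();` in libia2/include/ia2.h has no doc comment, while the declaration directly below it is documented with `///`, and before C23 an empty parameter list in C is not a prototype. I would add `/// Returns the protection key (0-15) decoded from the current PKRU value; unrecognised PKRU values yield 0.` above it and declare it as `size_t ia2_get_pkey(void);`, which means the same thing in C and C++. The definition in libia2/ia2.c should then use `(void)` as well. The `extern "C" {` opened here is only closed by the hunk at the end of the header, so it wraps everything in between.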
@@ -310,3 +316,7 @@ static int insecure_pkey_mprotect(void *ptr, size_t len, int prot, int pkey) { protect_tls(); \ init_stacks(); \ } + +#ifdef __cplusplus +} +#endif diff --git a/partition-alloc/CMakeLists.txt b/partition-alloc/CMakeLists.txt index d35bc3f80..b615db57e 100644 --- a/partition-alloc/CMakeLists.txt +++ b/partition-alloc/CMakeLists.txt @@ -57,6 +57,8 @@ add_library(partition-alloc SHARED src/allocator_shim.cc ${PA_SRCS}) +target_link_libraries(partition-alloc libia2) + if(LIBIA2_INSECURE) target_compile_definitions(partition-alloc PUBLIC LIBIA2_INSECURE=1) endif() diff --git a/partition-alloc/src/allocator_shim.cc b/partition-alloc/src/allocator_shim.cc index 49975dc50..96d7acfc7 100644 --- a/partition-alloc/src/allocator_shim.cc +++ b/partition-alloc/src/allocator_shim.cc 
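Review bot: `LIBIA2_INSECURE` is still defined only on the partition-alloc target in the context lines below this addition, but the `#ifdef LIBIA2_INSECURE` that selects the stub `ia2_get_pkey` is now evaluated when libia2/ia2.c is compiled. Unless libia2's own build, which this patch does not show, also receives the definition, an insecure build would link the variant that executes rdpkru, which faults on machines where protection keys are not enabled. It is worth confirming that libia2 gets the same definition, for example `target_compile_definitions(libia2 PUBLIC LIBIA2_INSECURE=1)` under the same `if(LIBIA2_INSECURE)`, assuming `libia2` is the CMake target name.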
@@ -8,77 +8,7 @@ #include "allocator_shim.h" #include "base/allocator/partition_allocator/partition_alloc.h" #include "base/allocator/partition_allocator/partition_root.h" -#include - -extern "C" { - -#ifdef LIBIA2_INSECURE -size_t ia2_get_pkey() { return 0; } -#else -size_t ia2_get_pkey() { - uint32_t pkru; - __asm__("rdpkru" : "=a"(pkru) : "a"(0), "d"(0), "c"(0)); - switch (pkru) { - case 0xFFFFFFFC: { - return 0; - } - case 0xFFFFFFF0: { - return 1; - } - case 0xFFFFFFCC: { - return 2; - } - case 0xFFFFFF3C: { - return 3; - } - case 0xFFFFFCFC: { - return 4; - } - case 0xFFFFF3FC: { - return 5; - } - case 0xFFFFCFFC: { - return 6; - } - case 0xFFFF3FFC: { - return 7; - } - case 0xFFFCFFFC: { - return 8; - } - case 0xFFF3FFFC: { - return 9; - } - case 0xFFCFFFFC: { - return 10; - } - case 0xFF3FFFFC: { - return 11; - } - case 0xFCFFFFFC: { - return 12; - } - case 0xF3FFFFFC: { - return 13; - } - case 0xCFFFFFFC: { - return 14; - } - case 0x3FFFFFFC: { - return 15; - } - // TODO: We currently treat any unexpected PKRU value as pkey 0 (the shared - // heap) for simplicity since glibc(?) initializes the PKRU to 0x55555554 - // (usually). We don't set the PKRU until the first compartment transition, so - // let's default to using the shared heap before our first wrpkru. When we - // initialize the PKRU properly (see issue #95) we should probably abort when - // we see unexpected PKRU values. - default: { - return 0; - } - } -} -#endif // LIBIA2_INSECURE +#include using namespace partition_alloc::internal; using partition_alloc::PartitionOptions; @@ -217,5 +147,3 @@ void *ShimCallocWithPkey(size_t num, size_t size, size_t pkey) { return ret; } } - -} // extern "C" diff --git a/scripts/partition_alloc/partition_alloc.diff b/scripts/partition_alloc/partition_alloc.diff index 08a7c28eb..e6047d2dd 100644 --- a/scripts/partition_alloc/partition_alloc.diff +++ b/scripts/partition_alloc/partition_alloc.diff 
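Review bot: Removing the `extern "C" {` wrapper in partition-alloc/src/allocator_shim.cc (opened in this hunk, closed in the hunk at old line 217) changes the linkage context of every definition that was inside it, not only `ia2_get_pkey`. `ShimCallocWithPkey` and the other shim functions keep C linkage only if allocator_shim.h, which is not part of this patch, already declares each of them inside `extern "C"`. A function without such a prior declaration would now be emitted with a C++-mangled name and would no longer be found under its unmangled name. If the header does not cover all of them, keep the wrapper around the remaining definitions and drop only the moved function. Comparing `nm -D` output of the built shared object before and after the change would confirm that the exported names are unchanged.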
@@ -7,7 +7,7 @@ index 6434ee54..c27030dd 100644 #endif // BUILDFLAG(STARSCAN) +#include -+#include ++#include + namespace partition_alloc::internal {