immunant · fw-immunant · Jul 26, 2024 · Jun 10, 2024 · Jun 10, 2024 · Jun 10, 2024
diff --git a/cmake/define-test.cmake b/cmake/define-test.cmake
@@ -144,6 +144,7 @@ function(define_test)
                     COMMAND ${CMAKE_CROSSCOMPILING_EMULATOR}
                         "-one-insn-per-tb"
                         "-L" "${CMAKE_BINARY_DIR}/external/glibc/sysroot/usr/"
+                        "-E" "LD_LIBRARY_PATH=${CMAKE_BINARY_DIR}/external/glibc/sysroot/usr/lib:/usr/aarch64-linux-gnu/lib:/usr/aarch64-linux-gnu/lib64"
                         ${CMAKE_CURRENT_BINARY_DIR}/${TEST_NAME}
                     WORKING_DIRECTORY ${CMAKE_BINARY_DIR})
             elseif (DEFINE_TEST_WITHOUT_SANDBOX OR NOT ${IA2_TRACER})

diff --git a/cmake/ia2.cmake b/cmake/ia2.cmake
@@ -1,9 +1,7 @@
 if(LIBIA2_AARCH64)
     set(UBSAN_FLAG "")
-    set(PARTITION_ALLOC "")
 else()
     set(UBSAN_FLAG "-fsanitize=undefined")
-    set(PARTITION_ALLOC "partition-alloc")
 endif()
 # Creates a compartmentalized IA2 target
 #
@@ -71,7 +69,7 @@ function(add_ia2_compartment NAME TYPE)
     target_link_options(${NAME} PRIVATE ${UBSAN_FLAG})
   endif()
 
-  target_link_libraries(${NAME} PRIVATE dl libia2 ${PARTITION_ALLOC})
+  target_link_libraries(${NAME} PRIVATE dl libia2 partition-alloc)
   target_link_options(${NAME} PRIVATE "-Wl,--export-dynamic")
 
   target_link_libraries(${NAME} PRIVATE ${ARG_LIBRARIES})

diff --git a/external/chromium/src/base/allocator/partition_allocator/page_allocator_constants.h b/external/chromium/src/base/allocator/partition_allocator/page_allocator_constants.h
@@ -107,6 +107,14 @@ PageAllocationGranularityShift() {
 #endif
 }
 
+PA_ALWAYS_INLINE constexpr size_t SystemPageSizeMax() {
+#if BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64)
+  return 4*1024;
+#else
+  return 1 << PageAllocationGranularityShift();
+#endif
+}
+
 PA_ALWAYS_INLINE PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR size_t
 PageAllocationGranularity() {
 #if BUILDFLAG(IS_APPLE) && defined(ARCH_CPU_64_BITS)

diff --git a/external/chromium/src/base/allocator/partition_allocator/page_allocator_internals_posix.h b/external/chromium/src/base/allocator/partition_allocator/page_allocator_internals_posix.h
@@ -195,6 +195,10 @@ uintptr_t SystemAllocPagesInternal(uintptr_t hint,
   }
 #endif
 
+#if BUILDFLAG(ENABLE_MTE_ISOLATION)
+  access_flag |= PROT_MTE;
+#endif
+
   void* ret = mmap(reinterpret_cast<void*>(hint), length, access_flag,
                    map_flags, fd, 0);
   if (ret == MAP_FAILED) {

diff --git a/external/chromium/src/base/allocator/partition_allocator/partition_address_space.h b/external/chromium/src/base/allocator/partition_allocator/partition_address_space.h
@@ -390,7 +390,7 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) PartitionAddressSpace {
 #endif
   };
 #if BUILDFLAG(ENABLE_THREAD_ISOLATION)
-  static_assert(sizeof(PoolSetup) % SystemPageSize() == 0,
+  static_assert(sizeof(PoolSetup) % SystemPageSizeMax() == 0,
                 "PoolSetup has to fill a page(s)");
 #else
   static_assert(sizeof(PoolSetup) % kPartitionCachelineSize == 0,

diff --git a/external/chromium/src/base/allocator/partition_allocator/partition_alloc_buildflags.h b/external/chromium/src/base/allocator/partition_allocator/partition_alloc_buildflags.h
@@ -33,7 +33,13 @@
 #define BUILDFLAG_INTERNAL_USE_FREELIST_POOL_OFFSETS() (0)
 #define BUILDFLAG_INTERNAL_USE_STARSCAN() (1)
 #define BUILDFLAG_INTERNAL_PCSCAN_STACK_SUPPORTED() (0)
+#ifdef ARCH_CPU_ARM64
+#define BUILDFLAG_INTERNAL_ENABLE_PKEYS() (0)
+#define BUILDFLAG_INTERNAL_ENABLE_MTE_ISOLATION() (1)
+#else
 #define BUILDFLAG_INTERNAL_ENABLE_PKEYS() (1)
+#define BUILDFLAG_INTERNAL_ENABLE_MTE_ISOLATION() (0)
+#endif
 #define BUILDFLAG_INTERNAL_ENABLE_THREAD_ISOLATION() (1)
 #define BUILDFLAG_INTERNAL_WRAP_SHIM() (1)
 

diff --git a/external/chromium/src/base/allocator/partition_allocator/thread_isolation/alignment.h b/external/chromium/src/base/allocator/partition_allocator/thread_isolation/alignment.h
@@ -11,7 +11,7 @@
 
 #include "base/allocator/partition_allocator/page_allocator_constants.h"
 
-#define PA_THREAD_ISOLATED_ALIGN_SZ partition_alloc::internal::SystemPageSize()
+#define PA_THREAD_ISOLATED_ALIGN_SZ partition_alloc::internal::SystemPageSizeMax()
 #define PA_THREAD_ISOLATED_ALIGN_OFFSET_MASK (PA_THREAD_ISOLATED_ALIGN_SZ - 1)
 #define PA_THREAD_ISOLATED_ALIGN_BASE_MASK \
   (~PA_THREAD_ISOLATED_ALIGN_OFFSET_MASK)

diff --git a/external/chromium/src/base/allocator/partition_allocator/thread_isolation/mte.cc b/external/chromium/src/base/allocator/partition_allocator/thread_isolation/mte.cc
@@ -0,0 +1,52 @@
+// Copyright 2022 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/allocator/partition_allocator/thread_isolation/mte.h"
+
+#if BUILDFLAG(ENABLE_MTE_ISOLATION)
+
+#include <errno.h>
+#include <sys/auxv.h>
+#include <sys/mman.h>
+#include <sys/syscall.h>
+#include <unistd.h>
+
+#include "base/allocator/partition_allocator/partition_alloc_base/cpu.h"
+#include "base/allocator/partition_allocator/partition_alloc_check.h"
+#include "base/allocator/partition_allocator/thread_isolation/thread_isolation.h"
+
+#if !BUILDFLAG(IS_LINUX)
+#error "This MTE code is currently only supported on Linux"
+#endif
+
+#ifndef ARCH_CPU_ARM64
+#error "MTE is only available on the AArch64 architecture"
+#endif
+
+namespace partition_alloc::internal {
+
+PA_COMPONENT_EXPORT(PARTITION_ALLOC)
+bool CPUHasMteSupport() {
+  // Check for Armv8.5-A MTE support, exposed via HWCAP2
+  unsigned long hwcap2 = getauxval(AT_HWCAP2);
+  return hwcap2 & HWCAP2_MTE;
+}
+
+extern "C" int ia2_mprotect_with_tag(void *addr, size_t len, int prot, int tag);
+
+PA_COMPONENT_EXPORT(PARTITION_ALLOC)
+int MteMprotect(void* addr, size_t len, int prot, int tag) {
+  return ia2_mprotect_with_tag(addr, len, prot, tag);
+}
+
+PA_COMPONENT_EXPORT(PARTITION_ALLOC)
+void TagMemoryWithMte(int tag, void *address, size_t size) {
+  PA_DCHECK((reinterpret_cast<uintptr_t>(address) &
+             PA_THREAD_ISOLATED_ALIGN_OFFSET_MASK) == 0);
+  PA_PCHECK(ia2_mprotect_with_tag(address, size, PROT_READ|PROT_WRITE, tag) == 0);
+}
+
+}  // namespace partition_alloc::internal
+
+#endif  // BUILDFLAG(ENABLE_MTE_ISOLATION)
diff --git a/external/chromium/src/base/allocator/partition_allocator/thread_isolation/mte.h b/external/chromium/src/base/allocator/partition_allocator/thread_isolation/mte.h
@@ -0,0 +1,35 @@
+// Copyright 2022 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_THREAD_ISOLATION_MTE_H_
+#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_THREAD_ISOLATION_MTE_H_
+
+#include "base/allocator/partition_allocator/partition_alloc_buildflags.h"
+
+#if BUILDFLAG(ENABLE_MTE_ISOLATION)
+
+#include "base/allocator/partition_allocator/partition_alloc_base/component_export.h"
+#include "base/allocator/partition_allocator/partition_alloc_base/debug/debugging_buildflags.h"
+#include "base/allocator/partition_allocator/thread_isolation/alignment.h"
+
+#include <cstddef>
+#include <cstdint>
+
+namespace partition_alloc::internal {
+
+constexpr int kDefaultPkey = 0;
+constexpr int kInvalidPkey = -1;
+
+// Check if the CPU supports pkeys.
+bool CPUHasMteSupport();
+
+int MteMprotect(void* addr, size_t len, int prot, int tag);
+
+void TagMemoryWithMte(int tag, void* address, size_t size);
+
+}  // namespace partition_alloc::internal
+
+#endif  // BUILDFLAG(ENABLE_MTE_ISOLATION)
+
+#endif  // BASE_ALLOCATOR_PARTITION_ALLOCATOR_THREAD_ISOLATION_MTE_H_
diff --git a/external/chromium/src/base/allocator/partition_allocator/thread_isolation/pkey.cc b/external/chromium/src/base/allocator/partition_allocator/thread_isolation/pkey.cc
@@ -19,6 +19,10 @@
 #error "This pkey code is currently only supported on Linux"
 #endif
 
+#ifdef ARCH_CPU_ARM64
+#error "This pkey code is supported only on x86_64 architecture"
+#endif
+
 namespace partition_alloc::internal {
 
 PA_COMPONENT_EXPORT(PARTITION_ALLOC)

diff --git a/...rnal/chromium/src/base/allocator/partition_allocator/thread_isolation/thread_isolation.cc b/...rnal/chromium/src/base/allocator/partition_allocator/thread_isolation/thread_isolation.cc
@@ -15,6 +15,10 @@
 #include "base/allocator/partition_allocator/thread_isolation/pkey.h"
 #endif
 
+#if BUILDFLAG(ENABLE_MTE_ISOLATION)
+#include "base/allocator/partition_allocator/thread_isolation/mte.h"
+#endif
+
 namespace partition_alloc::internal {
 
 #if BUILDFLAG(PA_DCHECK_IS_ON)
@@ -30,6 +34,10 @@ void WriteProtectThreadIsolatedMemory(ThreadIsolationOption thread_isolation,
   partition_alloc::internal::TagMemoryWithPkey(
       thread_isolation.enabled ? thread_isolation.pkey : kDefaultPkey, address,
       size);
+#elif BUILDFLAG(ENABLE_MTE_ISOLATION)
+  partition_alloc::internal::TagMemoryWithMte(
+      thread_isolation.enabled ? thread_isolation.pkey : kDefaultPkey, address,
+      size);
 #else
 #error unexpected thread isolation mode
 #endif
@@ -49,6 +57,10 @@ int MprotectWithThreadIsolation(void* addr,
                                 ThreadIsolationOption thread_isolation) {
 #if BUILDFLAG(ENABLE_PKEYS)
   return PkeyMprotect(addr, len, prot, thread_isolation.pkey);
+#elif BUILDFLAG(ENABLE_MTE_ISOLATION)
+  return MteMprotect(addr, len, prot, thread_isolation.pkey);
+#else
+#error unexpected thread isolation mode
 #endif
 }
 

diff --git a/external/chromium/src/base/allocator/partition_allocator/thread_isolation/thread_isolation.h b/external/chromium/src/base/allocator/partition_allocator/thread_isolation/thread_isolation.h
@@ -21,6 +21,10 @@
 #include "base/allocator/partition_allocator/thread_isolation/pkey.h"
 #endif
 
+#if BUILDFLAG(ENABLE_MTE_ISOLATION)
+#include "base/allocator/partition_allocator/thread_isolation/mte.h"
+#endif
+
 #if !BUILDFLAG(HAS_64_BIT_POINTERS)
 #error "thread isolation support requires 64 bit pointers"
 #endif
@@ -33,23 +37,23 @@ struct ThreadIsolationOption {
   constexpr ThreadIsolationOption() = default;
   explicit ThreadIsolationOption(bool enabled) : enabled(enabled) {}
 
-#if BUILDFLAG(ENABLE_PKEYS)
+#if BUILDFLAG(ENABLE_PKEYS) || BUILDFLAG(ENABLE_MTE_ISOLATION)
   explicit ThreadIsolationOption(int pkey, size_t compartment)
       : pkey(pkey), compartment(compartment) {
     enabled = pkey != internal::kInvalidPkey;
   }
   int pkey = -1;
   Compartment compartment = 0;
-#endif  // BUILDFLAG(ENABLE_PKEYS)
+#endif  // BUILDFLAG(ENABLE_PKEYS) || BUILDFLAG(ENABLE_MTE_ISOLATION)
 
   bool enabled = false;
 
   bool operator==(const ThreadIsolationOption& other) const {
-#if BUILDFLAG(ENABLE_PKEYS)
+#if BUILDFLAG(ENABLE_PKEYS) || BUILDFLAG(ENABLE_MTE_ISOLATION)
     if (pkey != other.pkey) {
       return false;
     }
-#endif  // BUILDFLAG(ENABLE_PKEYS)
+#endif  // BUILDFLAG(ENABLE_PKEYS) || BUILDFLAG(ENABLE_MTE_ISOLATION)
     return enabled == other.enabled;
   }
 };
@@ -69,7 +73,12 @@ struct PA_THREAD_ISOLATED_ALIGN ThreadIsolationSettings {
 
 using LiftThreadIsolationScope = DoNotLiftPkeyRestrictionsScope;
 
+#elif BUILDFLAG(ENABLE_MTE_ISOLATION)
+
+using LiftThreadIsolationScope = void*;
+
 #endif  // BUILDFLAG(ENABLE_PKEYS)
+
 #endif  // BUILDFLAG(PA_DCHECK_IS_ON)
 
 void WriteProtectThreadIsolatedGlobals(

diff --git a/runtime/partition-alloc/CMakeLists.txt b/runtime/partition-alloc/CMakeLists.txt
@@ -39,6 +39,7 @@ set(PA_SRCS
 	partition_page.cc
 	partition_root.cc
 	partition_stats.cc
+	thread_isolation/mte.cc
 	thread_isolation/pkey.cc
 	thread_isolation/thread_isolation.cc
 	random.cc
@@ -73,6 +74,10 @@ add_library(partition-alloc_unpadded SHARED
 
 pad_tls_library(partition-alloc_unpadded partition-alloc)
 
+target_link_libraries(partition-alloc_unpadded PRIVATE
+    stdc++
+)
+
 target_include_directories(partition-alloc BEFORE
 	INTERFACE
     ${CMAKE_CURRENT_SOURCE_DIR}/include
@@ -84,6 +89,14 @@ target_include_directories(partition-alloc_unpadded BEFORE
     PRIVATE
     ${EXTERNAL_DIR}/chromium/src)
 
+# Propagage ARM64 define
+if(LIBIA2_AARCH64)
+    target_compile_options(partition-alloc_unpadded
+    PRIVATE
+        "-DARCH_CPU_ARM64"
+    )
+endif()
+
 target_compile_options(partition-alloc_unpadded
 	PRIVATE
 		"-fPIC"

diff --git a/runtime/partition-alloc/src/get_pkey.cc b/runtime/partition-alloc/src/get_pkey.cc
@@ -4,6 +4,7 @@
 // the allocator against libia2 itself. We want users with libia2 disabled to
 // still be able to call `shared_malloc` etc.
 
+#ifdef __x86_64__
 __attribute__((__visibility__("hidden")))
 uint32_t ia2_get_pkru() {
   uint32_t pkru = 0;
@@ -75,3 +76,13 @@ size_t ia2_get_pkey() {
   }
   }
 }
+#endif
+
+#ifdef __aarch64__
+__attribute__((__visibility__("hidden")))
+size_t ia2_get_pkey() {
+    size_t x18;
+    asm("mov %0, x18" : "=r"(x18));
+    return x18 >> 56;
+}
+#endif
diff --git a/runtime/tracer/CMakeLists.txt b/runtime/tracer/CMakeLists.txt
@@ -1,21 +1,30 @@
 cmake_minimum_required(VERSION 3.12)
 project(tracer)
 
+if (LIBIA2_AARCH64)
+set(CARGO_TARGET_FLAG "--target=aarch64-unknown-linux-gnu" "--config" "target.aarch64-unknown-linux-gnu.linker=\\\"aarch64-linux-gnu-gcc\\\"")
+set(CARGO_ARCH_SUFFIX "aarch64-unknown-linux-gnu")
+else()
+set(CARGO_TARGET_FLAG "")
+set(CARGO_ARCH_SUFFIX "")
+endif()
 add_custom_command(
-  OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/release/libmemory_map.so
-  COMMAND CARGO_TARGET_DIR=${CMAKE_CURRENT_BINARY_DIR} cargo build --manifest-path ${CMAKE_CURRENT_SOURCE_DIR}/memory-map/Cargo.toml --release
+  OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${CARGO_ARCH_SUFFIX}/release/libmemory_map.so
+  COMMAND CARGO_TARGET_DIR=${CMAKE_CURRENT_BINARY_DIR} cargo build ${CARGO_TARGET_FLAG} --manifest-path ${CMAKE_CURRENT_SOURCE_DIR}/memory-map/Cargo.toml --release
   DEPENDS memory-map/Cargo.toml memory-map/src/lib.rs
 )
 
 add_library(memory-map STATIC IMPORTED)
-set_property(TARGET memory-map PROPERTY IMPORTED_LOCATION ${CMAKE_CURRENT_BINARY_DIR}/release/libmemory_map.so)
-add_custom_target(memory-map-tgt DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/release/libmemory_map.so)
+set_property(TARGET memory-map PROPERTY IMPORTED_LOCATION ${CMAKE_CURRENT_BINARY_DIR}/${CARGO_ARCH_SUFFIX}/release/libmemory_map.so)
+add_custom_target(memory-map-tgt DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/${CARGO_ARCH_SUFFIX}/release/libmemory_map.so)
 add_dependencies(memory-map memory-map-tgt)
 
+if(LIBIA2_X86_64)
 add_executable(read-pkru
   read_pkru_demo.c
   get_inferior_pkru.c
 )
+endif()
 
 add_executable(track-memory-map
   track_memory_map_demo.c

diff --git a/runtime/tracer/get_inferior_pkru.c b/runtime/tracer/get_inferior_pkru.c
@@ -1,3 +1,4 @@
+#ifdef __x86_64__
 #include <cpuid.h>
 #include <linux/elf.h>
 #include <stdio.h>
@@ -64,3 +65,4 @@ bool get_inferior_pkru(pid_t pid, uint32_t *pkru_out) {
   memcpy(pkru_out, &xstateregs[xstate_pkru_offset], sizeof(*pkru_out));
   return true;
 }
+#endif
diff --git a/runtime/tracer/memory-map/Cargo.toml b/runtime/tracer/memory-map/Cargo.toml
@@ -3,11 +3,14 @@ name = "memory-map"
 version = "0.1.0"
 edition = "2021"
 [lib]
-crate_type = ["cdylib"]
+crate-type = ["cdylib"]
 
 [dependencies]
 libc_alloc = "1.0.5"
-nonoverlapping_interval_tree = { version = "0.1.5", default_features = false }
+nonoverlapping_interval_tree = { version = "0.1.5", default-features = false }
+
+[lints.rust]
+unexpected_cfgs = { level = "warn", check-cfg = ['cfg(debug)', 'cfg(list_regions)'] }
 
 [profile.dev]
 panic = "abort"