From 17de88981f57fd6d323a1b17da5008e53f053309 Mon Sep 17 00:00:00 2001
From: Mitch Phillips
Date: Wed, 13 Jan 2021 14:37:08 -0800
Subject: [MTE] Enable ASYNC MTE in the Zygote.

This allows applications to turn on MTE. The current design of MTE inside of Scudo doesn't allow us to late-enable MTE (but we can late-disable it). Thus, we have to enable tagging in the Zygote in order to allow apps and the system_server to control their own MTE behaviour.

We intentionally use ASYNC mode so that we don't waste memory collecting stack traces from the zygote pre-fork. Given that the zygote is mostly Java code, the process itself should be pretty low risk for memory corruption.

Bug: 135772972
Bug: 172365548
Test: On FVP: atest -s localhost:5555 \
  com.android.cts.tagging.TaggingSdk30Test#testMemoryTagChecksCompatFeatureEnabled \
  com.android.cts.tagging.TaggingSdk30Test#testMemoryTagChecksCompatFeatureDisabled
Change-Id: I9da2c33cb6022033264f443308d5508b3ff8da9e
---
 cmds/app_process/Android.bp | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'cmds')

diff --git a/cmds/app_process/Android.bp b/cmds/app_process/Android.bp
index 07221f97c72b..14ebb713b6ae 100644
--- a/cmds/app_process/Android.bp
+++ b/cmds/app_process/Android.bp
@@ -62,4 +62,13 @@ cc_binary {
 // Create a symlink from app_process to app_process32 or 64
 // depending on the target configuration.
 symlink_preferred_arch: true,
+
+ // Enable ASYNC MTE in the zygote, in order to allow apps and the system
+ // server to use MTE. We use ASYNC because we don't expect the pre-fork
+ // zygote to have substantial memory corruption bugs (as it's primarily Java
+ // code), and we don't want to waste memory recording malloc/free stack
+ // traces (which happens in SYNC mode).
+ sanitize: {
+ memtag_heap: true,
+ },
 }
-- 
cgit v1.2.3
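Review bot: The ASYNC choice the comment and commit title rely on is never stated in the build rule itself: the hunk adds only `sanitize: { memtag_heap: true }`, so the mode appears to be selected implicitly by what is omitted rather than by an explicit setting, and a later edit that adds a diagnostic memtag option to this block would presumably flip the zygote to SYNC without anyone touching this comment. Since every app and system_server inherits this process's tagging state at fork (per the description, tagging can only be late-disabled, not late-enabled), that silent mode change would be system-wide. I would make the dependency explicit in the comment, e.g. `// NOTE: ASYNC is selected by NOT enabling diagnostic memtag here; adding a` / `// diag/SYNC memtag option to this block changes the mode for every forked process.` The comment also argues the trade-off only from memory cost; adding one sentence that ASYNC reports a tag mismatch asynchronously (so faults in the pre-fork native startup code are detected late and without a precise faulting address) would document what coverage is being given up, not just what is saved.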