Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5750d3b1 authored by Evgenii Stepanov's avatar Evgenii Stepanov
Browse files

Refactor NativeHeapTagging compat feature. 

Move the logic to startProcessLocked so that it can use app info/flags.

Bug: 135754954
Test: NFC
Change-Id: Ief86185c6866640700e2548259df9ba1fb617e4d
parent 260ffabb

core/java/com/android/internal/os/RuntimeInit.java

+0 −29
Original line number Diff line number Diff line
@@ -19,8 +19,6 @@ package com.android.internal.os; 
import android.app.ActivityManager;

import android.app.ActivityThread;

import android.app.ApplicationErrorReport;

import android.compat.annotation.ChangeId;

import android.compat.annotation.EnabledAfter;

import android.compat.annotation.UnsupportedAppUsage;

import android.content.type.DefaultMimeMapFactory;

import android.os.Build;
@@ -36,7 +34,6 @@ import android.util.Slog; 
import com.android.internal.logging.AndroidConfig;

import com.android.server.NetworkManagementSocketTagger;



import dalvik.annotation.compat.VersionCodes;

import dalvik.system.RuntimeHooks;

import dalvik.system.ThreadPrioritySetter;

import dalvik.system.VMRuntime;
@@ -67,18 +64,8 @@ public class RuntimeInit { 


    private static volatile boolean mCrashing = false;



    /**

     * Native heap allocations will now have a non-zero tag in the most significant byte.

     * See

     * <a href="https://source.android.com/devices/tech/debug/tagged-pointers">https://source.android.com/devices/tech/debug/tagged-pointers</a>.

     */

    @ChangeId

    @EnabledAfter(targetSdkVersion = VersionCodes.Q)

    private static final long NATIVE_HEAP_POINTER_TAGGING = 135754954; // This is a bug id.



    private static final native void nativeFinishInit();

    private static final native void nativeSetExitWithoutCleanup(boolean exitWithoutCleanup);

    private static native void nativeDisableHeapPointerTagging();



    private static int Clog_e(String tag, String msg, Throwable tr) {

        return Log.printlns(Log.LOG_ID_CRASH, Log.ERROR, tag, msg, tr);
@@ -411,20 +398,6 @@ public class RuntimeInit { 
        if (DEBUG) Slog.d(TAG, "Leaving RuntimeInit!");

    }



    private static void maybeDisableHeapPointerTagging(long[] disabledCompatChanges) {

        // Heap tagging needs to be disabled before any additional threads are created, but the

        // AppCompat framework is not initialized enough at this point.

        // Check if the change is enabled manually.

        if (disabledCompatChanges != null) {

            for (int i = 0; i < disabledCompatChanges.length; i++) {

                if (disabledCompatChanges[i] == NATIVE_HEAP_POINTER_TAGGING) {

                    nativeDisableHeapPointerTagging();

                    break;

                }

            }

        }

    }



    protected static Runnable applicationInit(int targetSdkVersion, long[] disabledCompatChanges,

            String[] argv, ClassLoader classLoader) {

        // If the application calls System.exit(), terminate the process
@@ -437,8 +410,6 @@ public class RuntimeInit { 
        VMRuntime.getRuntime().setTargetSdkVersion(targetSdkVersion);

        VMRuntime.getRuntime().setDisabledCompatChanges(disabledCompatChanges);



        maybeDisableHeapPointerTagging(disabledCompatChanges);



        final Arguments args = new Arguments(argv);



        // The end of of the RuntimeInit event (see #zygoteInit).

core/java/com/android/internal/os/Zygote.java

+19 −0
Original line number Diff line number Diff line
@@ -122,6 +122,25 @@ public final class Zygote { 
     */

    public static final int DISABLE_TEST_API_ENFORCEMENT_POLICY = 1 << 18;



    public static final int MEMORY_TAG_LEVEL_MASK = (1 << 19) | (1 << 20);

    /**

     * Enable pointer tagging in this process.

     * Tags are checked during memory deallocation, but not on access.

     * TBI stands for Top-Byte-Ignore, an ARM CPU feature.

     * {@link https://developer.arm.com/docs/den0024/latest/the-memory-management-unit/translation-table-configuration/virtual-address-tagging}

     */

    public static final int MEMORY_TAG_LEVEL_TBI = 1 << 19;



    /**

     * Enable asynchronous memory tag checks in this process.

     */

    public static final int MEMORY_TAG_LEVEL_ASYNC = 2 << 19;



    /**

     * Enable synchronous memory tag checks in this process.

     */

    public static final int MEMORY_TAG_LEVEL_SYNC = 3 << 19;



    /** No external storage should be mounted. */

    public static final int MOUNT_EXTERNAL_NONE = IVold.REMOUNT_MODE_NONE;

    /** Default external storage should be mounted. */

core/java/com/android/internal/os/ZygoteInit.java

+4 −0
Original line number Diff line number Diff line
@@ -788,6 +788,10 @@ public class ZygoteInit { 
            Zygote.applyDebuggerSystemProperty(parsedArgs);

            Zygote.applyInvokeWithSystemProperty(parsedArgs);



            /* Enable pointer tagging in the system server unconditionally. Hardware support for

             * this is present in all ARMv8 CPUs; this flag has no effect on other platforms. */

            parsedArgs.mRuntimeFlags |= Zygote.MEMORY_TAG_LEVEL_TBI;



            if (shouldProfileSystemServer()) {

                parsedArgs.mRuntimeFlags |= Zygote.PROFILE_SYSTEM_SERVER;

            }

core/jni/AndroidRuntime.cpp

+0 −10
Original line number Diff line number Diff line
@@ -241,14 +241,6 @@ static void com_android_internal_os_RuntimeInit_nativeSetExitWithoutCleanup(JNIE 
    gCurRuntime->setExitWithoutCleanup(exitWithoutCleanup);

}



static void com_android_internal_os_RuntimeInit_nativeDisableHeapPointerTagging(

        JNIEnv* env, jobject clazz) {

    HeapTaggingLevel tag_level = M_HEAP_TAGGING_LEVEL_NONE;

    if (!android_mallopt(M_SET_HEAP_TAGGING_LEVEL, &tag_level, sizeof(tag_level))) {

        ALOGE("ERROR: could not disable heap pointer tagging\n");

    }

}



/*

 * JNI registration.

 */
@@ -260,8 +252,6 @@ int register_com_android_internal_os_RuntimeInit(JNIEnv* env) 
             (void*)com_android_internal_os_RuntimeInit_nativeFinishInit},

            {"nativeSetExitWithoutCleanup", "(Z)V",

             (void*)com_android_internal_os_RuntimeInit_nativeSetExitWithoutCleanup},

            {"nativeDisableHeapPointerTagging", "()V",

             (void*)com_android_internal_os_RuntimeInit_nativeDisableHeapPointerTagging},

    };

    return jniRegisterNativeMethods(env, "com/android/internal/os/RuntimeInit",

        methods, NELEM(methods));

core/jni/com_android_internal_os_Zygote.cpp

+12 −0
Original line number Diff line number Diff line
@@ -349,6 +349,8 @@ static const std::array<const std::string, MOUNT_EXTERNAL_COUNT> ExternalStorage 
enum RuntimeFlags : uint32_t {

  DEBUG_ENABLE_JDWP = 1,

  PROFILE_FROM_SHELL = 1 << 15,

  MEMORY_TAG_LEVEL_MASK = (1 << 19) | (1 << 20),

  MEMORY_TAG_LEVEL_TBI = 1 << 19,

};



enum UnsolicitedZygoteMessageTypes : uint32_t {
@@ -1627,6 +1629,16 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids, 
    }

  }



  HeapTaggingLevel heap_tagging_level;

  switch (runtime_flags & RuntimeFlags::MEMORY_TAG_LEVEL_MASK) {

    case RuntimeFlags::MEMORY_TAG_LEVEL_TBI:

      heap_tagging_level = M_HEAP_TAGGING_LEVEL_TBI;

      break;

    default:

      heap_tagging_level = M_HEAP_TAGGING_LEVEL_NONE;

  }

  android_mallopt(M_SET_HEAP_TAGGING_LEVEL, &heap_tagging_level, sizeof(heap_tagging_level));



  if (NeedsNoRandomizeWorkaround()) {

    // Work around ARM kernel ASLR lossage (http://b/5817320).

    int old_personality = personality(0xffffffff);