On Mon, Jun 03, 2019 at 06:55:18PM +0200, Andrey Konovalov wrote:
> This patch is a part of a series that extends arm64 kernel ABI to allow to
> pass tagged user pointers (with the top byte set to something else other
> than 0x00) as syscall arguments.
>
> This patch adds a simple test, that calls the uname syscall with a
> tagged user pointer as an argument. Without the kernel accepting tagged
> user pointers the test fails with EFAULT.
>
> Signed-off-by: Andrey Konovalov <andreyknvl@xxxxxxxxxx>
BTW, you could add Co-developed-by: Catalin Marinas <catalin.marinas@xxxxxxx> since I wrote the malloc() etc. hooks.
> +static void *tag_ptr(void *ptr)
> +{
> + unsigned long tag = rand() & 0xff;
> + if (!ptr)
> + return ptr;
> + return (void *)((unsigned long)ptr | (tag << TAG_SHIFT));
> +}
With the prctl() option, this function becomes (if you have a better idea, fine by me):
----------8<---------------
#include <stdlib.h>
#include <sys/prctl.h>
#define TAG_SHIFT (56)
#define TAG_MASK (0xffUL << TAG_SHIFT)
#define PR_SET_TAGGED_ADDR_CTRL 55
#define PR_GET_TAGGED_ADDR_CTRL 56
# define PR_TAGGED_ADDR_ENABLE (1UL << 0)
void *__libc_malloc(size_t size);
void __libc_free(void *ptr);
void *__libc_realloc(void *ptr, size_t size);
void *__libc_calloc(size_t nmemb, size_t size);
static void *tag_ptr(void *ptr)
{
static int tagged_addr_err = 1;
unsigned long tag = 0;
if (tagged_addr_err == 1)
tagged_addr_err = prctl(PR_SET_TAGGED_ADDR_CTRL, PR_TAGGED_ADDR_ENABLE, 0, 0, 0);
if (!ptr)
return ptr;
if (!tagged_addr_err)
tag = rand() & 0xff;
return (void *)((unsigned long)ptr | (tag << TAG_SHIFT));
}
-- Catalin
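Review bot: In the quoted `tag_ptr()` hunk, `rand() & 0xff` can yield 0, and a zero tag returns the pointer unchanged, so that call hands an untagged pointer to the kernel and does not exercise the tagged-pointer path the test is meant to cover. Drawing the tag from 1..255 keeps every non-NULL pointer tagged, e.g. `unsigned long tag = (rand() % 0xff) + 1;`. The function also has no comment; something like `/* Put a random tag in the top byte of a non-NULL user pointer. */` would state the intent. `TAG_SHIFT` is defined outside the quoted hunk, so the bit position the tag lands in should be confirmed against that definition.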