From 6dabec7b3b920f1490a9b0afc5373758362daac1 Mon Sep 17 00:00:00 2001
From: Mitch Phillips <mitchp@google.com>
Date: Fri, 3 Apr 2020 16:07:13 -0700
Subject: [PATCH] Don't ask libc for PT feature w/o kernel support.

Check that the kernel supports the Tagged Pointers feature before asking
libc to disable/enable pointer tagging.

Bug: 153114333
Test: Build coral, note no messages from SetHeapTaggingLevel.
Test: atest CtsTaggingHostTestCases

Change-Id: Id5fbd731aa70f7b0a75525387479f6123628a012
---
 core/java/com/android/internal/os/Zygote.java         |  7 +++++++
 core/java/com/android/internal/os/ZygoteInit.java     |  4 ++--
 core/jni/com_android_internal_os_Zygote.cpp           | 11 +++++++++++
 .../core/java/com/android/server/am/ProcessList.java  |  6 +++---
 4 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/core/java/com/android/internal/os/Zygote.java b/core/java/com/android/internal/os/Zygote.java
index 162c3143bdbe6..aaedbb32bbb8f 100644
--- a/core/java/com/android/internal/os/Zygote.java
+++ b/core/java/com/android/internal/os/Zygote.java
@@ -1065,4 +1065,11 @@ public final class Zygote {
      * Returns whether the hardware supports memory tagging (ARM MTE).
      */
     public static native boolean nativeSupportsMemoryTagging();
+
+    /**
+     * Returns whether the kernel supports tagged pointers. Present in the
+     * Android Common Kernel from 4.14 and up. By default, you should prefer
+     * fully-feature Memory Tagging, rather than the static Tagged Pointers.
+     */
+    public static native boolean nativeSupportsTaggedPointers();
 }
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index 88112c330bda4..a99677d945d26 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -754,9 +754,9 @@ public class ZygoteInit {
                 /* The system server is more privileged than regular app processes, so it has async
                  * tag checks enabled on hardware that supports memory tagging. */
                 parsedArgs.mRuntimeFlags |= Zygote.MEMORY_TAG_LEVEL_ASYNC;
-            } else {
+            } else if (Zygote.nativeSupportsTaggedPointers()) {
                 /* Enable pointer tagging in the system server. Hardware support for this is present
-                 * in all ARMv8 CPUs; this flag has no effect on other platforms. */
+                 * in all ARMv8 CPUs. */
                 parsedArgs.mRuntimeFlags |= Zygote.MEMORY_TAG_LEVEL_TBI;
             }
 
diff --git a/core/jni/com_android_internal_os_Zygote.cpp b/core/jni/com_android_internal_os_Zygote.cpp
index 091ccc6e96956..77932623a1b0f 100644
--- a/core/jni/com_android_internal_os_Zygote.cpp
+++ b/core/jni/com_android_internal_os_Zygote.cpp
@@ -2456,6 +2456,15 @@ static jboolean com_android_internal_os_Zygote_nativeSupportsMemoryTagging(JNIEn
 #endif
 }
 
+static jboolean com_android_internal_os_Zygote_nativeSupportsTaggedPointers(JNIEnv* env, jclass) {
+#ifdef __aarch64__
+  int res = prctl(PR_GET_TAGGED_ADDR_CTRL, 0, 0, 0, 0);
+  return res >= 0 && res & PR_TAGGED_ADDR_ENABLE;
+#else
+  return false;
+#endif
+}
+
 static const JNINativeMethod gMethods[] = {
         {"nativeForkAndSpecialize",
          "(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/"
@@ -2493,6 +2502,8 @@ static const JNINativeMethod gMethods[] = {
          (void*)com_android_internal_os_Zygote_nativeParseSigChld},
         {"nativeSupportsMemoryTagging", "()Z",
          (void*)com_android_internal_os_Zygote_nativeSupportsMemoryTagging},
+        {"nativeSupportsTaggedPointers", "()Z",
+         (void*)com_android_internal_os_Zygote_nativeSupportsTaggedPointers},
 };
 
 int register_com_android_internal_os_Zygote(JNIEnv* env) {
diff --git a/services/core/java/com/android/server/am/ProcessList.java b/services/core/java/com/android/server/am/ProcessList.java
index 37e5207f65296..a7268dff534d6 100644
--- a/services/core/java/com/android/server/am/ProcessList.java
+++ b/services/core/java/com/android/server/am/ProcessList.java
@@ -1862,9 +1862,9 @@ public final class ProcessList {
                         || mPlatformCompat.isChangeEnabled(NATIVE_MEMORY_TAGGING, app.info)) {
                     runtimeFlags |= Zygote.MEMORY_TAG_LEVEL_ASYNC;
                 }
-            } else {
-                // Enable heap pointer tagging, unless disabled by the app manifest, target sdk
-                // level, or the compat feature.
+            } else if (Zygote.nativeSupportsTaggedPointers()) {
+                // Enable heap pointer tagging if supported by the kernel, unless disabled by the
+                // app manifest, target sdk level, or compat feature.
                 if (app.info.allowsNativeHeapPointerTagging()
                         && mPlatformCompat.isChangeEnabled(NATIVE_HEAP_POINTER_TAGGING, app.info)) {
                     runtimeFlags |= Zygote.MEMORY_TAG_LEVEL_TBI;