Skip to content

Commit 8e0bb21

Browse files
morehousemorehouse
committed
[HWASan] Mention x86_64 aliasing mode in design doc.
Reviewed By: eugenis Differential Revision: https://reviews.llvm.org/D98892
1 parent 5797fea commit 8e0bb21

File tree

1 file changed

+16
-4
lines changed

1 file changed

+16
-4
lines changed

clang/docs/HardwareAssistedAddressSanitizerDesign.rst

Lines changed: 16 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -19,13 +19,17 @@ The redzones, the quarantine, and, to a less extent, the shadow, are the
1919
sources of AddressSanitizer's memory overhead.
2020
See the `AddressSanitizer paper`_ for details.
2121

22-
AArch64 has the `Address Tagging`_ (or top-byte-ignore, TBI), a hardware feature that allows
23-
software to use 8 most significant bits of a 64-bit pointer as
22+
AArch64 has `Address Tagging`_ (or top-byte-ignore, TBI), a hardware feature that allows
23+
software to use the 8 most significant bits of a 64-bit pointer as
2424
a tag. HWASAN uses `Address Tagging`_
2525
to implement a memory safety tool, similar to :doc:`AddressSanitizer`,
2626
but with smaller memory overhead and slightly different (mostly better)
2727
accuracy guarantees.
2828

29+
Intel's `Linear Address Masking`_ (LAM) also provides address tagging for
30+
x86_64, though it is not widely available in hardware yet. For x86_64, HWASAN
31+
has a limited implementation using page aliasing instead.
32+
2933
Algorithm
3034
=========
3135
* Every heap/stack/global memory object is forcibly aligned by `TG` bytes
@@ -266,7 +270,15 @@ before every load and store by compiler instrumentation, but this variant
266270
will have limited deployability since not all of the code is
267271
typically instrumented.
268272

269-
The HWASAN's approach is not applicable to 32-bit architectures.
273+
On x86_64, HWASAN utilizes page aliasing to place tags in userspace address
274+
bits. Currently only heap tagging is supported. The page aliases rely on
275+
shared memory, which will cause heap memory to be shared between processes if
276+
the application calls ``fork()``. Therefore x86_64 is really only safe for
277+
applications that do not fork.
278+
279+
HWASAN does not currently support 32-bit architectures since they do not
280+
support `Address Tagging`_ and the address space is too constrained to easily
281+
implement page aliasing.
270282

271283

272284
Related Work
@@ -284,4 +296,4 @@ Related Work
284296
.. _SPARC ADI: https://lazytyped.blogspot.com/2017/09/getting-started-with-adi.html
285297
.. _AddressSanitizer paper: https://www.usenix.org/system/files/conference/atc12/atc12-final39.pdf
286298
.. _Address Tagging: http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.den0024a/ch12s05s01.html
287-
299+
.. _Linear Address Masking: https://software.intel.com/content/www/us/en/develop/download/intel-architecture-instruction-set-extensions-programming-reference.html

0 commit comments

Comments
 (0)