Comment by gchadwick
1 year ago
Are Google really pushing it a 'proper' security feature? You've quoted a line at the end of a blog that doesn't elaborate further. In the android documentation for instance it stats '[MTE] helps detect use-after-free and buffer-overflow bugs': https://source.android.com/docs/security/test/memory-safety/... without making any stronger claims.
> This isn’t that bad news either. It may leave existing chips vulnerable but the next iteration of MTE will probably account for this problem (assuming you can’t patch microcode to solve this).
I might argue fixing is is actively bad. Helps push the idea this is a feature to actually use for security rather than augment bug detection. Still fixing it shouldn't be too hard, just speculate as you do currently but always assume the tag check passes so you get the same speculative behaviour regardless of tag values (likely easier said than done of course, probably some fun corner cases where they'd still differ).
I’d say yes. Reading the blogs fully (and reading comments from people like Herb) makes it pretty clear it’s seen as a defense in depth mechanism. Yes it’s a debugging tool but since it’s running always at runtime it’s also usable for security purposes.
Whether it should be used for security or not is irrelevant - it clearly will be and I don’t see why it’s inherently undesirable. Seems like a useful technique to further raise the complexity of exploit chains needed to execute an attack and in some applications the speculation bypass may not even matter (eh CHERI + MTE is not subject to this attack based on what’s been written).
The annoying thing is that ARM engineers took your position instead of realizing it will be used for security applications anyway and fixing the speculation issue during the design phase since they did know about this.
MTE can be enabled in two modes. One is "synchronous": tag checking occurs on the relevant load/store instruction and will raise a segmentation fault immediately in case of a mismatch; this mode is slower but retains information about where the bad memory access was (i.e., hence intended for debugging). The second mode is asynchronous, where any mismatches are only raised after a context switch; this mode has minimal overhead but loses relevant debugging information (i.e., hence intended as a run-time protection).