Open
Contributor
I think this is a better approach than #671.
ayrtonm
reviewed
Mar 31, 2026
| return ia2_get_tag(); | ||
| } | ||
|
|
||
| void ia2_unprotect_thread_pointer_page(void) {} |
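Review bot: the empty `void ia2_unprotect_thread_pointer_page(void) {}` body carries no comment saying which configurations it serves or that the no-op is intentional; if the stub stays rather than the callsite being guarded with `#if defined(__x86_64__)`, a one-line comment such as `/* non-x86_64: nothing to unprotect */` would keep it from reading as an unfinished function.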
Contributor
Might be better to remove this no-op since it could easily get missed later on and instead just add #if defined(__x86_64__) around this function's callsite.
ayrtonm
approved these changes
Mar 31, 2026
Contributor
ayrtonm
left a comment
LGTM with a small change
Problem
IA2 retags writable memory (including PT_TLS-backed TLS pages) to compartment pkeys.
On x86_64, the page containing __builtin_thread_pointer() (the TCB page addressed through %fs) holds process ABI state that can be accessed while different compartment PKRU values are active. That ABI state includes stack-protector canary reads such as %fs:0x28, which occur in normal function prologues/epilogues and are not tied to a single compartment's policy boundary. If this page remains compartment-tagged, code can fault when execution reaches one of these ABI reads under a PKRU that cannot access that page.
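Added example, not IA2's code and not part of this PR: a small C model of the fault described above and of the single-page carveout (round_down of the thread pointer) that the fix section of this description introduces. PAGE_SIZE 4096 and the 0x28 canary offset come from the PR; the PKRU bit layout is x86's; glibc's 64-byte TCB alignment and the "pkey 0 plus the compartment's own key" policy are simplifying assumptions.

```c
/* Added example, not IA2's own code: models why a compartment-tagged TCB page
 * faults on the prologue canary read and which page the fix carves out.
 * Assumed (not from the PR): x86 PKRU layout (bit 2k = AD, 2k+1 = WD for pkey
 * k), glibc's 64-byte TCB alignment, and a simplified "pkey 0 plus own key"
 * compartment policy. PAGE_SIZE 4096 and the 0x28 canary offset are the PR's. */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define PAGE_SIZE     4096UL
#define CANARY_OFFSET 0x28UL  /* tcbhead_t.stack_guard: the mov %fs:0x28,%rax read */
#define CANARY_SIZE   8UL

static inline uintptr_t round_down(uintptr_t a, uintptr_t align) { return a & ~(align - 1); }

/* The page ia2_unprotect_thread_pointer_page() retags back: round_down(tp). */
uintptr_t tcb_page_of(uintptr_t tp) { return round_down(tp, PAGE_SIZE); }

/* True when [addr, addr+len) lies entirely on that one page. */
bool on_tp_page(uintptr_t tp, uintptr_t addr, size_t len) {
    uintptr_t page = tcb_page_of(tp);
    return addr >= page && addr + len <= page + PAGE_SIZE;
}

/* Is the canary word covered by a single-page carveout? Always true for a
 * 64-byte aligned tp (0x28 + 8 <= 64); a less aligned tp could push the
 * canary onto the next page, which a one-page fix would leave tagged. */
bool carveout_covers_canary(uintptr_t tp) {
    return on_tp_page(tp, tp + CANARY_OFFSET, CANARY_SIZE);
}

/* PKRU model: a compartment may touch pkey 0 and its own key, nothing else. */
uint32_t pkru_for_compartment(unsigned own_key) { return 0xFFFFFFFFu & ~3u & ~(3u << (2 * own_key)); }

/* A read is allowed when the page key's access-disable (AD) bit is clear. */
bool read_allowed(uint32_t pkru, unsigned page_pkey) { return ((pkru >> (2 * page_pkey)) & 1u) == 0; }

/* Would the prologue canary read fault? Before the fix the TCB page carries a
 * compartment key; after the fix it is retagged to a key every compartment
 * can read (pkey 0 in this model). */
bool canary_read_faults(unsigned running_key, unsigned tcb_page_key) {
    return !read_allowed(pkru_for_compartment(running_key), tcb_page_key);
}

int main(void) {
    uintptr_t tp = 0x7f001ac0UL;  /* constructed %fs base, 64-byte aligned */
    printf("tcb_page=%#lx covers_canary=%d fault_before=%d fault_after=%d\n",
           (unsigned long)tcb_page_of(tp), carveout_covers_canary(tp),
           canary_read_faults(1, 2), canary_read_faults(1, 0));
    return 0;
}
```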
Observed on main during single-thread dav1d decode:
dav1d_ref_create+16: mov %fs:0x28,%rax (%fs-relative TCB access)
Fix In This Branch
This branch applies a minimal x86_64-only startup hardening change (and replaces #671):
- protect_tls_pages() logic unchanged.
- Adds ia2_unprotect_thread_pointer_page(), which:
  - computes tcb_page = round_down(__builtin_thread_pointer(), PAGE_SIZE)
  - calls ia2_mprotect_with_tag()
- Called from ia2_start() after compartment setup/TLS retagging has run, before init completion.
What This Branch Accomplishes
- Resolves the dav1d decode blocker on main (the %fs:0x28 TCB access fault).
- __tls_get_addr/_rtld_local).
How This Differs From #671
#671 widened runtime TLS policy in protect_tls_pages() (bounded multi-page carveout set, sorted carveout walk, per-thread carveout handling, redundant-retag avoidance). This branch intentionally does not do that.
It is a narrower replacement branch that changes only startup TP-page treatment and leaves protect_tls_pages() as in main.
Practical effect: