[Buildroot] [PATCH] package/glibc: optional MTE support in glibc

R irgstg at gmail.com
Sun Nov 26 20:28:42 UTC 2023 

Hi,
It has been a while... and I'm really sorry for that.
But I do think this can be useful - I took a look at the code a-bit
and haven't seen it supports compiling glibc with MTE.
May I continue to resolve your comments?
should it be in this thread or a new one is preferred?

Thanks :)

On Sun, Oct 31, 2021 at 7:52 PM Thomas Petazzoni <
thomas.petazzoni at bootlin.com> wrote:

> Hello,
>
> Thanks a lot for your contribution! See below some comments.
>
> On Sat, 30 Oct 2021 11:37:50 +0300
> "irgstg at gmail.com" <irgstg at gmail.com> wrote:
>
> > Adding option BR2_PACKAGE_GLIBC_MTE to configure glibc with MTE support.
> > When enabled, glibcs configuration process runs with
> `--enable-memory-tagging` [1].
> >
> > MTE (Memory Tagging Extension) is an ISA extension which aims to improve
> security on ARMv8.5-A [2].
> > The linux kernel supports this feature via CONFIG_ARM64_MTE.
> > In order for glibc's MTE support to work properly, the running kernel
> has to support that.
>
> Could you wrap the lines of your commit log to 72 columns?
>
> > dependencies:
> >  - supported on aarch64 only (BR2_aarch64)
> >  - requires binutils version 2.33.1 or newer
> (!B2_BINUTILS_VERSION_2_32_X)
> >  - requires at least linux 5.4 headers
> (BR2_TOOLCHAIN_HEADERS_AT_LEAST_5_4)
> >
> > [1]
> https://sourceware.org/git/?p=glibc.git;a=blob;f=INSTALL;h=02dcf6b1ca3a4c43a17fdcae5e7dae8189c1c50b;hb=HEAD#l145
> > [2]
> https://community.arm.com/developer/ip-products/processors/b/processors-ip-blog/posts/enhancing-memory-safety
> >
> > Signed-off-by: irgstg at gmail.com <irgstg at gmail.com>
>
> Could you resend with a real name ? We cannot accept anonymous
> contributions.
>
> > +config BR2_PACKAGE_GLIBC_MTE
> > +     bool "Install glibc support for MTE"
>
> Repeating that it's glibc related is not necessary, and making "MTE"
> explicit seems useful. So perhaps:
>
>         bool "enable Memory Tagging Extension (MTE) support"
>
> > +     depends on BR2_aarch64
> > +     depends on !BR2_BINUTILS_VERSION_2_32_X
> > +     depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_5_4
> > +     help
> > +       Enabling this option will configure, compile
> > +       and install glibc support for MTE (Memory Tagging Extension).
> > +       Please be aware, in order for that to work properly,
> > +       kernel support for MTE (CONFIG_ARM64_MTE), and a
> > +       supported CPU are needed.
>
> Instead of just saying so, you could do this in glibc.mk:
>
> ifeq ($(BR2_PACKAGE_GLIBC_MTE),y)
> GLIBC_CONF_OPTS += --enable-memory-tagging
> define GLIBC_LINUX_CONFIG_FIXUPS
>         $(call KCONFIG_ENABLE_OPT,CONFIG_ARM64_MTE)
> endef
> endif
>
> Of course, you need to add $(GLIBC_CONF_OPTS) inside
> GLIBC_CONFIGURE_CMDS.
>
> Other than that, it looks good to me.
>
> Do we need special compiler options to make use of MTE ?
>
> Best regards,
>
> Thomas
> --
> Thomas Petazzoni, co-owner and CEO, Bootlin
> Embedded Linux and Kernel engineering and training
> https://bootlin.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.buildroot.org/pipermail/buildroot/attachments/20231126/5f545a4c/attachment.html>

More information about the buildroot mailing list