How to enable MTE on Pixel 8/Pixel 8 Pro



Armv9 includes the Memory Tagging Extension (MTE), which attaches additional metadata tags to memory when it is allocated and deallocated in order to detect use-after-free and buffer overflow bugs. Mark Brand of Google's security team "Project Zero" explained how to enable MTE on the Pixel 8/8 Pro, the first smartphones on which it can be activated.

Project Zero: First handset with MTE on the market
https://googleprojectzero.blogspot.com/2023/11/first-handset-with-mte-on-market.html

There is an option to enable MTE in the developer options of the Pixel 8 and Pixel 8 Pro. This option is provided on the assumption that app developers will use MTE to test their apps. There are three MTE operating modes: synchronous mode (SYNC), asynchronous mode (ASYNC), and asymmetric mode (ASYMM). It is possible to set applications and native user-mode binaries to synchronous mode by default.



Enabling MTE in synchronous mode requires the bootloader to reserve a portion of the device's memory to store tags, so you must first configure the bootloader to enable MTE and then configure the system to use MTE for applications.

The steps are to enable USB debugging from developer options and connect your smartphone to a computer that has Android debugging tools installed. After starting the shell, run the following three commands and then restart.
[code]setprop arm64.memtag.bootctl memtag[/code]


[code]setprop persist.arm64.memtag.default sync[/code]


[code]setprop persist.arm64.memtag.app_default sync[/code]



The above commands, in order, configure the bootloader to enable MTE at boot time, set the default MTE mode for native executables running on the device, and set the default MTE mode for apps.
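As a check on the three properties set above, the following added example (not code from the original article or from Project Zero) compares a `getprop` dump against those values. The function name `check_mte_props` and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Expected values: exactly what the three setprop commands in the article set.
EXPECTED='arm64.memtag.bootctl=memtag
persist.arm64.memtag.default=sync
persist.arm64.memtag.app_default=sync'

# check_mte_props: read a `getprop` dump ("[name]: [value]" per line) on stdin,
# print one OK/FAIL line per property, and return the number of mismatches.
check_mte_props() {
    dump=$(tr -d '\r')            # tolerate CRLF line endings from the transport
    bad=0
    for pair in $EXPECTED; do
        name=${pair%%=*}
        want=${pair#*=}
        # Exact string match on the bracketed key, then strip the value's brackets.
        got=$(printf '%s\n' "$dump" | awk -v n="[$name]:" \
            '$1 == n { v = $2; gsub(/^\[|\]$/, "", v); print v }')
        if [ "$got" = "$want" ]; then
            echo "OK   $name=$got"
        else
            echo "FAIL $name: want '$want', got '${got:-<unset>}'"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Constructed sample dumps (not captured from a real device).
SAMPLE_OK='[arm64.memtag.bootctl]: [memtag]
[persist.arm64.memtag.app_default]: [sync]
[persist.arm64.memtag.default]: [sync]'

# Same dump with the app default missing, as if the third command was skipped.
SAMPLE_BAD='[arm64.memtag.bootctl]: [memtag]
[persist.arm64.memtag.default]: [sync]'

printf '%s\n' "$SAMPLE_OK"  | check_mte_props || echo "MTE properties incomplete"
printf '%s\n' "$SAMPLE_BAD" | check_mte_props || echo "MTE properties incomplete"

# On a computer with the Android debugging tools installed:
#   adb shell getprop | check_mte_props
```

A non-zero exit status is the number of properties that are missing or differ from the values above.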

At the time of writing, MTE support is only experimental, and there are some things to keep in mind, including the need to configure Chrome to load command-line flags from files in /data/local/tmp on non-rooted Android devices.

If you just want to make sure MTE is enabled in your bootloader, you can use the app created by the Dynamic Tools team on Google Play. At this point you can go back to developer settings and disable USB debugging, but the developer mode toggle should remain on. Disabling this will result in MTE being completely turned off on the next reboot.



Enabling MTE in this manner is likely to cause problems, such as at least some applications crashing or not running properly with MTE, but Brand said that although he has had it enabled for a month, no problems seem to have occurred. Additionally, Brand says that the Pixel 8 with MTE enabled in synchronous mode offers an upgrade in performance and battery life over its predecessor, at least subjectively.

in Software, Posted by log1p_kr