chenxiaolong closed this 10 months ago
Is async mode not better for this use?
As synchronous mode prioritizes accuracy of bug detection over performance, it is most useful during development or as part of a continuous integration system. In these situations, the precise bug detection capability is more important than the performance overhead.
On the other hand, ASYNC mode is optimized for performance over accuracy of bug reports. The information about where the bug occurred is less precise, but ASYNC mode provides a low overhead detection mechanism for memory safety bugs. It is useful for production systems when performance is more important than detailed bug information.
Source: https://community.arm.com/arm-community-blogs/b/operating-systems-blog/posts/new-mte-user-guide
Worth reading: https://discuss.grapheneos.org/d/8439-mte-support-status-for-grapheneos/3
For BCR's specific use case (with media codecs), I could not measure any performance impact at all, so I decided to pick the synchronous mode for better reporting if a bug occurs.
While BCR itself has no native code, the system media codecs do, and we've run into memory corruption issues in the past (e.g., the FLAC encoder can sometimes segfault if audio buffer timestamps are not set correctly).
Enabling MTE won't really make a difference security-wise for BCR. We never parse any untrusted inputs. But it might help catch potential issues in the media stack.