[MTE] Add memory tagging kill switch Feature flag

(cherry picked from commit 4dddbef)

Bug: 1448009
Change-Id: If262edd7ef2db319e1236ad50ad24bc90cd992cb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4568060
Reviewed-by: Bartek Nowierski <bartekn@chromium.org>
Commit-Queue: Keishi Hattori <keishi@chromium.org>
Cr-Original-Commit-Position: refs/heads/main@{#1151748}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4596898
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/branch-heads/5790@{#444}
Cr-Branched-From: 1d71a33-refs/heads/main@{#1148114}

base/allocator/partition_alloc_features.cc

@@ -190,6 +190,10 @@ const base::FeatureParam<MemoryTaggingEnabledProcesses>
         MemoryTaggingEnabledProcesses::kBrowserOnly,
         &kMemoryTaggingEnabledProcessesOptions};
 
+BASE_FEATURE(kKillPartitionAllocMemoryTagging,
+             "KillPartitionAllocMemoryTagging",
+             FEATURE_DISABLED_BY_DEFAULT);
+
 const base::FeatureParam<bool> kBackupRefPtrAsanEnableDereferenceCheckParam{
     &kPartitionAllocBackupRefPtr, "asan-enable-dereference-check", true};
 const base::FeatureParam<bool> kBackupRefPtrAsanEnableExtractionCheckParam{

base/allocator/partition_alloc_features.h

@@ -151,6 +151,9 @@ BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocMemoryTagging);
 extern const BASE_EXPORT base::FeatureParam<MemtagMode> kMemtagModeParam;
 extern const BASE_EXPORT base::FeatureParam<MemoryTaggingEnabledProcesses>
     kMemoryTaggingEnabledProcessesParam;
+// Kill switch for memory tagging. Skips any code related to memory tagging when
+// enabled.
+BASE_EXPORT BASE_DECLARE_FEATURE(kKillPartitionAllocMemoryTagging);
 extern const BASE_EXPORT base::FeatureParam<bool>
     kBackupRefPtrAsanEnableDereferenceCheckParam;
 extern const BASE_EXPORT base::FeatureParam<bool>

base/allocator/partition_alloc_support.cc

@@ -896,6 +896,10 @@ bool PartitionAllocSupport::ShouldEnableMemoryTagging(
   }
 
   DCHECK(base::FeatureList::GetInstance());
+  if (base::FeatureList::IsEnabled(
+          base::features::kKillPartitionAllocMemoryTagging)) {
+    return false;
+  }
   if (!base::FeatureList::IsEnabled(
           base::features::kPartitionAllocMemoryTagging)) {
     return false;
@@ -1177,39 +1181,45 @@ void PartitionAllocSupport::ReconfigureAfterFeatureListInit(
 
   bool enable_memory_tagging = false;
 #if PA_CONFIG(HAS_MEMORY_TAGGING)
-  // If synchronous mode is enabled from startup it means this is a test and
-  // memory tagging should be enabled.
-  if (partition_alloc::internal::GetMemoryTaggingModeForCurrentThread() ==
-      partition_alloc::TagViolationReportingMode::kSynchronous) {
-    enable_memory_tagging = true;
-  } else {
-    enable_memory_tagging = ShouldEnableMemoryTagging(process_type);
+  // ShouldEnableMemoryTagging() checks kKillPartitionAllocMemoryTagging but
+  // check here too to wrap the GetMemoryTaggingModeForCurrentThread() call.
+  if (!base::FeatureList::IsEnabled(
+          base::features::kKillPartitionAllocMemoryTagging)) {
+    // If synchronous mode is enabled from startup it means this is a test and
+    // memory tagging should be enabled.
+    if (partition_alloc::internal::GetMemoryTaggingModeForCurrentThread() ==
+        partition_alloc::TagViolationReportingMode::kSynchronous) {
+      enable_memory_tagging = true;
+    } else {
+      enable_memory_tagging = ShouldEnableMemoryTagging(process_type);
 #if BUILDFLAG(IS_ANDROID)
-    if (enable_memory_tagging) {
-      partition_alloc::TagViolationReportingMode reporting_mode;
-      switch (base::features::kMemtagModeParam.Get()) {
-        case base::features::MemtagMode::kSync:
-          reporting_mode =
-              partition_alloc::TagViolationReportingMode::kSynchronous;
-          break;
-        case base::features::MemtagMode::kAsync:
-          reporting_mode =
-              partition_alloc::TagViolationReportingMode::kAsynchronous;
-          break;
+      if (enable_memory_tagging) {
+        partition_alloc::TagViolationReportingMode reporting_mode;
+        switch (base::features::kMemtagModeParam.Get()) {
+          case base::features::MemtagMode::kSync:
+            reporting_mode =
+                partition_alloc::TagViolationReportingMode::kSynchronous;
+            break;
+          case base::features::MemtagMode::kAsync:
+            reporting_mode =
+                partition_alloc::TagViolationReportingMode::kAsynchronous;
+            break;
+        }
+        partition_alloc::internal::
+            ChangeMemoryTaggingModeForAllThreadsPerProcess(reporting_mode);
+        CHECK_EQ(
+            partition_alloc::internal::GetMemoryTaggingModeForCurrentThread(),
+            reporting_mode);
+      } else if (base::CPU::GetInstanceNoAllocation().has_mte()) {
+        partition_alloc::internal::
+            ChangeMemoryTaggingModeForAllThreadsPerProcess(
+                partition_alloc::TagViolationReportingMode::kDisabled);
+        CHECK_EQ(
+            partition_alloc::internal::GetMemoryTaggingModeForCurrentThread(),
+            partition_alloc::TagViolationReportingMode::kDisabled);
       }
-      partition_alloc::internal::ChangeMemoryTaggingModeForAllThreadsPerProcess(
-          reporting_mode);
-      CHECK_EQ(
-          partition_alloc::internal::GetMemoryTaggingModeForCurrentThread(),
-          reporting_mode);
-    } else if (base::CPU::GetInstanceNoAllocation().has_mte()) {
-      partition_alloc::internal::ChangeMemoryTaggingModeForAllThreadsPerProcess(
-          partition_alloc::TagViolationReportingMode::kDisabled);
-      CHECK_EQ(
-          partition_alloc::internal::GetMemoryTaggingModeForCurrentThread(),
-          partition_alloc::TagViolationReportingMode::kDisabled);
-    }
 #endif  // BUILDFLAG(IS_ANDROID)
+    }
   }
 #endif  // PA_CONFIG(HAS_MEMORY_TAGGING)