From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.3 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_PASS,USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 549E5C00449 for ; Wed, 3 Oct 2018 17:33:06 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 13C862089F for ; Wed, 3 Oct 2018 17:33:06 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 13C862089F Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727143AbeJDAWZ (ORCPT ); Wed, 3 Oct 2018 20:22:25 -0400 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:54456 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726851AbeJDAWZ (ORCPT ); Wed, 3 Oct 2018 20:22:25 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 260A180D; Wed, 3 Oct 2018 10:33:04 -0700 (PDT) Received: from arrakis.emea.arm.com (arrakis.emea.arm.com [10.4.12.129]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id B9E193F5B3; Wed, 3 Oct 2018 10:32:59 -0700 (PDT) Date: Wed, 3 Oct 2018 18:32:57 +0100 From: Catalin Marinas To: Andrey Konovalov Cc: Will Deacon , Mark Rutland , Robin Murphy , Kees Cook , Kate Stewart , Greg Kroah-Hartman , Andrew Morton , Ingo Molnar , "Kirill A . Shutemov" , Shuah Khan , linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, Chintan Pandya , Jacob Bramley , Ruben Ayrapetyan , Lee Smith , Kostya Serebryany , Dmitry Vyukov , Ramana Radhakrishnan , Luc Van Oostenryck , Evgeniy Stepanov Subject: Re: [PATCH v7 7/8] arm64: update Documentation/arm64/tagged-pointers.txt Message-ID: <20181003173256.GG12998@arrakis.emea.arm.com> References: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Oct 02, 2018 at 03:12:42PM +0200, Andrey Konovalov wrote: > diff --git a/Documentation/arm64/tagged-pointers.txt b/Documentation/arm64/tagged-pointers.txt > index a25a99e82bb1..ae877d185fdb 100644 > --- a/Documentation/arm64/tagged-pointers.txt > +++ b/Documentation/arm64/tagged-pointers.txt > @@ -17,13 +17,21 @@ this byte for application use. > Passing tagged addresses to the kernel > -------------------------------------- > > -All interpretation of userspace memory addresses by the kernel assumes > -an address tag of 0x00. > +Some initial work for supporting non-zero address tags passed to the > +kernel has been done. As of now, the kernel supports tags in: With my maintainer hat on, the above statement leads me to think this new ABI is work in progress, so not yet suitable for upstream. Also, how is user space supposed to know that it can now pass tagged pointers into the kernel? An ABI change (or relaxation), needs to be advertised by the kernel, usually via a new HWCAP bit (e.g. HWCAP_TBI). Once we have a HWCAP bit in place, we need to be pretty clear about which syscalls can and cannot cope with tagged pointers. The "as of now" implies potential further relaxation which, again, would need to be advertised to user in some (additional) way. > -This includes, but is not limited to, addresses found in: > + - user fault addresses While the kernel currently supports this in some way (by clearing the tag exception entry, el0_da), the above implies (at least to me) that sigcontext.fault_address would contain the tagged address. That's not the case (unless I missed it in your patches). > - - pointer arguments to system calls, including pointers in structures > - passed to system calls, > + - pointer arguments (including pointers in structures), which don't > + describe virtual memory ranges, passed to system calls I think we need to be more precise here... > +All other interpretations of userspace memory addresses by the kernel > +assume an address tag of 0x00. This includes, but is not limited to, > +addresses found in: > + > + - pointer arguments (including pointers in structures), which describe > + virtual memory ranges, passed to memory system calls (mmap, mprotect, > + etc.) ...and probably a full list here. -- Catalin From mboxrd@z Thu Jan 1 00:00:00 1970 From: catalin.marinas at arm.com (Catalin Marinas) Date: Wed, 3 Oct 2018 18:32:57 +0100 Subject: [PATCH v7 7/8] arm64: update Documentation/arm64/tagged-pointers.txt In-Reply-To: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com> References: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com> Message-ID: <20181003173256.GG12998@arrakis.emea.arm.com> On Tue, Oct 02, 2018 at 03:12:42PM +0200, Andrey Konovalov wrote: > diff --git a/Documentation/arm64/tagged-pointers.txt b/Documentation/arm64/tagged-pointers.txt > index a25a99e82bb1..ae877d185fdb 100644 > --- a/Documentation/arm64/tagged-pointers.txt > +++ b/Documentation/arm64/tagged-pointers.txt > @@ -17,13 +17,21 @@ this byte for application use. > Passing tagged addresses to the kernel > -------------------------------------- > > -All interpretation of userspace memory addresses by the kernel assumes > -an address tag of 0x00. > +Some initial work for supporting non-zero address tags passed to the > +kernel has been done. As of now, the kernel supports tags in: With my maintainer hat on, the above statement leads me to think this new ABI is work in progress, so not yet suitable for upstream. Also, how is user space supposed to know that it can now pass tagged pointers into the kernel? An ABI change (or relaxation), needs to be advertised by the kernel, usually via a new HWCAP bit (e.g. HWCAP_TBI). Once we have a HWCAP bit in place, we need to be pretty clear about which syscalls can and cannot cope with tagged pointers. The "as of now" implies potential further relaxation which, again, would need to be advertised to user in some (additional) way. > -This includes, but is not limited to, addresses found in: > + - user fault addresses While the kernel currently supports this in some way (by clearing the tag exception entry, el0_da), the above implies (at least to me) that sigcontext.fault_address would contain the tagged address. That's not the case (unless I missed it in your patches). > - - pointer arguments to system calls, including pointers in structures > - passed to system calls, > + - pointer arguments (including pointers in structures), which don't > + describe virtual memory ranges, passed to system calls I think we need to be more precise here... > +All other interpretations of userspace memory addresses by the kernel > +assume an address tag of 0x00. This includes, but is not limited to, > +addresses found in: > + > + - pointer arguments (including pointers in structures), which describe > + virtual memory ranges, passed to memory system calls (mmap, mprotect, > + etc.) ...and probably a full list here. -- Catalin From mboxrd@z Thu Jan 1 00:00:00 1970 From: catalin.marinas@arm.com (Catalin Marinas) Date: Wed, 3 Oct 2018 18:32:57 +0100 Subject: [PATCH v7 7/8] arm64: update Documentation/arm64/tagged-pointers.txt In-Reply-To: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com> References: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com> Message-ID: <20181003173256.GG12998@arrakis.emea.arm.com> Content-Type: text/plain; charset="UTF-8" Message-ID: <20181003173257.tE8OyzystxjJry0cIw_1tnuvO9B7riyDjmX5MmIaizU@z> On Tue, Oct 02, 2018@03:12:42PM +0200, Andrey Konovalov wrote: > diff --git a/Documentation/arm64/tagged-pointers.txt b/Documentation/arm64/tagged-pointers.txt > index a25a99e82bb1..ae877d185fdb 100644 > --- a/Documentation/arm64/tagged-pointers.txt > +++ b/Documentation/arm64/tagged-pointers.txt > @@ -17,13 +17,21 @@ this byte for application use. > Passing tagged addresses to the kernel > -------------------------------------- > > -All interpretation of userspace memory addresses by the kernel assumes > -an address tag of 0x00. > +Some initial work for supporting non-zero address tags passed to the > +kernel has been done. As of now, the kernel supports tags in: With my maintainer hat on, the above statement leads me to think this new ABI is work in progress, so not yet suitable for upstream. Also, how is user space supposed to know that it can now pass tagged pointers into the kernel? An ABI change (or relaxation), needs to be advertised by the kernel, usually via a new HWCAP bit (e.g. HWCAP_TBI). Once we have a HWCAP bit in place, we need to be pretty clear about which syscalls can and cannot cope with tagged pointers. The "as of now" implies potential further relaxation which, again, would need to be advertised to user in some (additional) way. > -This includes, but is not limited to, addresses found in: > + - user fault addresses While the kernel currently supports this in some way (by clearing the tag exception entry, el0_da), the above implies (at least to me) that sigcontext.fault_address would contain the tagged address. That's not the case (unless I missed it in your patches). > - - pointer arguments to system calls, including pointers in structures > - passed to system calls, > + - pointer arguments (including pointers in structures), which don't > + describe virtual memory ranges, passed to system calls I think we need to be more precise here... > +All other interpretations of userspace memory addresses by the kernel > +assume an address tag of 0x00. This includes, but is not limited to, > +addresses found in: > + > + - pointer arguments (including pointers in structures), which describe > + virtual memory ranges, passed to memory system calls (mmap, mprotect, > + etc.) ...and probably a full list here. -- Catalin From mboxrd@z Thu Jan 1 00:00:00 1970 From: Catalin Marinas Subject: Re: [PATCH v7 7/8] arm64: update Documentation/arm64/tagged-pointers.txt Date: Wed, 3 Oct 2018 18:32:57 +0100 Message-ID: <20181003173256.GG12998@arrakis.emea.arm.com> References: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Content-Disposition: inline In-Reply-To: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com> Sender: linux-kernel-owner@vger.kernel.org To: Andrey Konovalov Cc: Will Deacon , Mark Rutland , Robin Murphy , Kees Cook , Kate Stewart , Greg Kroah-Hartman , Andrew Morton , Ingo Molnar , "Kirill A . Shutemov" , Shuah Khan , linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, Chintan Pandya , Jacob Bramley , Ruben Ayrapetyan , Lee Smith , Kostya Serebryany List-Id: linux-arch.vger.kernel.org On Tue, Oct 02, 2018 at 03:12:42PM +0200, Andrey Konovalov wrote: > diff --git a/Documentation/arm64/tagged-pointers.txt b/Documentation/arm64/tagged-pointers.txt > index a25a99e82bb1..ae877d185fdb 100644 > --- a/Documentation/arm64/tagged-pointers.txt > +++ b/Documentation/arm64/tagged-pointers.txt > @@ -17,13 +17,21 @@ this byte for application use. > Passing tagged addresses to the kernel > -------------------------------------- > > -All interpretation of userspace memory addresses by the kernel assumes > -an address tag of 0x00. > +Some initial work for supporting non-zero address tags passed to the > +kernel has been done. As of now, the kernel supports tags in: With my maintainer hat on, the above statement leads me to think this new ABI is work in progress, so not yet suitable for upstream. Also, how is user space supposed to know that it can now pass tagged pointers into the kernel? An ABI change (or relaxation), needs to be advertised by the kernel, usually via a new HWCAP bit (e.g. HWCAP_TBI). Once we have a HWCAP bit in place, we need to be pretty clear about which syscalls can and cannot cope with tagged pointers. The "as of now" implies potential further relaxation which, again, would need to be advertised to user in some (additional) way. > -This includes, but is not limited to, addresses found in: > + - user fault addresses While the kernel currently supports this in some way (by clearing the tag exception entry, el0_da), the above implies (at least to me) that sigcontext.fault_address would contain the tagged address. That's not the case (unless I missed it in your patches). > - - pointer arguments to system calls, including pointers in structures > - passed to system calls, > + - pointer arguments (including pointers in structures), which don't > + describe virtual memory ranges, passed to system calls I think we need to be more precise here... > +All other interpretations of userspace memory addresses by the kernel > +assume an address tag of 0x00. This includes, but is not limited to, > +addresses found in: > + > + - pointer arguments (including pointers in structures), which describe > + virtual memory ranges, passed to memory system calls (mmap, mprotect, > + etc.) ...and probably a full list here. -- Catalin From mboxrd@z Thu Jan 1 00:00:00 1970 From: catalin.marinas@arm.com (Catalin Marinas) Date: Wed, 3 Oct 2018 18:32:57 +0100 Subject: [PATCH v7 7/8] arm64: update Documentation/arm64/tagged-pointers.txt In-Reply-To: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com> References: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com> Message-ID: <20181003173256.GG12998@arrakis.emea.arm.com> To: linux-arm-kernel@lists.infradead.org List-Id: linux-arm-kernel.lists.infradead.org On Tue, Oct 02, 2018 at 03:12:42PM +0200, Andrey Konovalov wrote: > diff --git a/Documentation/arm64/tagged-pointers.txt b/Documentation/arm64/tagged-pointers.txt > index a25a99e82bb1..ae877d185fdb 100644 > --- a/Documentation/arm64/tagged-pointers.txt > +++ b/Documentation/arm64/tagged-pointers.txt > @@ -17,13 +17,21 @@ this byte for application use. > Passing tagged addresses to the kernel > -------------------------------------- > > -All interpretation of userspace memory addresses by the kernel assumes > -an address tag of 0x00. > +Some initial work for supporting non-zero address tags passed to the > +kernel has been done. As of now, the kernel supports tags in: With my maintainer hat on, the above statement leads me to think this new ABI is work in progress, so not yet suitable for upstream. Also, how is user space supposed to know that it can now pass tagged pointers into the kernel? An ABI change (or relaxation), needs to be advertised by the kernel, usually via a new HWCAP bit (e.g. HWCAP_TBI). Once we have a HWCAP bit in place, we need to be pretty clear about which syscalls can and cannot cope with tagged pointers. The "as of now" implies potential further relaxation which, again, would need to be advertised to user in some (additional) way. > -This includes, but is not limited to, addresses found in: > + - user fault addresses While the kernel currently supports this in some way (by clearing the tag exception entry, el0_da), the above implies (at least to me) that sigcontext.fault_address would contain the tagged address. That's not the case (unless I missed it in your patches). > - - pointer arguments to system calls, including pointers in structures > - passed to system calls, > + - pointer arguments (including pointers in structures), which don't > + describe virtual memory ranges, passed to system calls I think we need to be more precise here... > +All other interpretations of userspace memory addresses by the kernel > +assume an address tag of 0x00. This includes, but is not limited to, > +addresses found in: > + > + - pointer arguments (including pointers in structures), which describe > + virtual memory ranges, passed to memory system calls (mmap, mprotect, > + etc.) ...and probably a full list here. -- Catalin