linux-arch.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Catalin Marinas <catalin.marinas@arm.com>
To: Andrey Konovalov <andreyknvl@google.com>
Cc: Will Deacon <will.deacon@arm.com>,
	Mark Rutland <mark.rutland@arm.com>,
	Robin Murphy <robin.murphy@arm.com>,
	Kees Cook <keescook@chromium.org>,
	Kate Stewart <kstewart@linuxfoundation.org>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Ingo Molnar <mingo@kernel.org>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	Shuah Khan <shuah@kernel.org>,
	linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org,
	linux-mm@kvack.org, linux-arch@vger.kernel.org,
	linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
	Chintan Pandya <cpandya@codeaurora.org>,
	Jacob Bramley <Jacob.Bramley@arm.com>,
	Ruben Ayrapetyan <Ruben.Ayrapetyan@arm.com>,
	Lee Smith <Lee.Smith@arm.com>, Kostya Serebryany <kcc@google.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	Ramana Radhakrishnan <Ramana.Radhakrishnan@arm.com>,
	Luc Van Oostenryck <luc.vanoostenryck@gmail.com>,
	Evgeniy Stepanov <eugenis@google.com>
Subject: Re: [PATCH v7 7/8] arm64: update Documentation/arm64/tagged-pointers.txt
Date: Wed, 3 Oct 2018 18:32:57 +0100	[thread overview]
Message-ID: <20181003173256.GG12998@arrakis.emea.arm.com> (raw)
Message-ID: <20181003173257.k2m76d3HE1y4i6cApdVkud6WyVLBv7dLDLrIGhjvj3U@z> (raw)
In-Reply-To: <47a464307d4df3c0cb65f88d1fe83f9a741dd74b.1538485901.git.andreyknvl@google.com>

On Tue, Oct 02, 2018 at 03:12:42PM +0200, Andrey Konovalov wrote:
> diff --git a/Documentation/arm64/tagged-pointers.txt b/Documentation/arm64/tagged-pointers.txt
> index a25a99e82bb1..ae877d185fdb 100644
> --- a/Documentation/arm64/tagged-pointers.txt
> +++ b/Documentation/arm64/tagged-pointers.txt
> @@ -17,13 +17,21 @@ this byte for application use.
>  Passing tagged addresses to the kernel
>  --------------------------------------
>  
> -All interpretation of userspace memory addresses by the kernel assumes
> -an address tag of 0x00.
> +Some initial work for supporting non-zero address tags passed to the
> +kernel has been done. As of now, the kernel supports tags in:

With my maintainer hat on, the above statement leads me to think this
new ABI is work in progress, so not yet suitable for upstream.

Also, how is user space supposed to know that it can now pass tagged
pointers into the kernel? An ABI change (or relaxation), needs to be
advertised by the kernel, usually via a new HWCAP bit (e.g. HWCAP_TBI).
Once we have a HWCAP bit in place, we need to be pretty clear about
which syscalls can and cannot cope with tagged pointers. The "as of now"
implies potential further relaxation which, again, would need to be
advertised to user in some (additional) way.

> -This includes, but is not limited to, addresses found in:
> +  - user fault addresses

While the kernel currently supports this in some way (by clearing the
tag exception entry, el0_da), the above implies (at least to me) that
sigcontext.fault_address would contain the tagged address. That's not
the case (unless I missed it in your patches).

> - - pointer arguments to system calls, including pointers in structures
> -   passed to system calls,
> +  - pointer arguments (including pointers in structures), which don't
> +    describe virtual memory ranges, passed to system calls

I think we need to be more precise here...

> +All other interpretations of userspace memory addresses by the kernel
> +assume an address tag of 0x00. This includes, but is not limited to,
> +addresses found in:
> +
> + - pointer arguments (including pointers in structures), which describe
> +   virtual memory ranges, passed to memory system calls (mmap, mprotect,
> +   etc.)

...and probably a full list here.

-- 
Catalin

  parent reply	other threads:[~2018-10-04  0:22 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-02 13:12 [PATCH v7 0/8] arm64: untag user pointers passed to the kernel Andrey Konovalov
2018-10-02 13:12 ` Andrey Konovalov
2018-10-02 13:12 ` [PATCH v7 1/8] arm64: add type casts to untagged_addr macro Andrey Konovalov
2018-10-02 13:12   ` Andrey Konovalov
2018-10-02 13:12 ` [PATCH v7 2/8] uaccess: add untagged_addr definition for other arches Andrey Konovalov
2018-10-02 13:12   ` Andrey Konovalov
2018-10-02 13:12 ` [PATCH v7 3/8] arm64: untag user addresses in access_ok and __uaccess_mask_ptr Andrey Konovalov
2018-10-02 13:12   ` Andrey Konovalov
2018-10-02 13:12 ` [PATCH v7 4/8] mm, arm64: untag user addresses in mm/gup.c Andrey Konovalov
2018-10-02 13:12   ` Andrey Konovalov
2018-10-02 13:12 ` [PATCH v7 5/8] lib, arm64: untag addrs passed to strncpy_from_user and strnlen_user Andrey Konovalov
2018-10-02 13:12   ` Andrey Konovalov
2018-10-02 13:12 ` [PATCH v7 6/8] fs, arm64: untag user address in copy_mount_options Andrey Konovalov
2018-10-02 13:12   ` Andrey Konovalov
2018-10-02 13:12 ` [PATCH v7 7/8] arm64: update Documentation/arm64/tagged-pointers.txt Andrey Konovalov
2018-10-02 13:12   ` Andrey Konovalov
2018-10-03 17:32   ` Catalin Marinas [this message]
2018-10-03 17:32     ` Catalin Marinas
2018-10-10 14:09     ` Andrey Konovalov
2018-10-10 14:09       ` Andrey Konovalov
2018-10-18 17:31       ` Catalin Marinas
2018-10-18 17:31         ` Catalin Marinas
2018-10-02 13:12 ` [PATCH v7 8/8] selftests, arm64: add a selftest for passing tagged pointers to kernel Andrey Konovalov
2018-10-02 13:12   ` Andrey Konovalov
2018-10-03 13:31 ` [PATCH v7 0/8] arm64: untag user pointers passed to the kernel Luc Van Oostenryck
2018-10-03 13:31   ` Luc Van Oostenryck
2018-10-17 14:06 ` Vincenzo Frascino
2018-10-17 14:06   ` Vincenzo Frascino
2018-10-17 14:20   ` Andrey Konovalov
2018-10-17 14:20     ` Andrey Konovalov
2018-10-17 20:25     ` Evgenii Stepanov
2018-10-17 20:25       ` Evgenii Stepanov
2018-10-18 17:33       ` Catalin Marinas
2018-10-18 17:33         ` Catalin Marinas
2018-10-19  9:04       ` Vincenzo Frascino
2018-10-19  9:04         ` Vincenzo Frascino

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181003173256.GG12998@arrakis.emea.arm.com \
    --to=catalin.marinas@arm.com \
    --cc=Jacob.Bramley@arm.com \
    --cc=Lee.Smith@arm.com \
    --cc=Ramana.Radhakrishnan@arm.com \
    --cc=Ruben.Ayrapetyan@arm.com \
    --cc=akpm@linux-foundation.org \
    --cc=andreyknvl@google.com \
    --cc=cpandya@codeaurora.org \
    --cc=dvyukov@google.com \
    --cc=eugenis@google.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=kcc@google.com \
    --cc=keescook@chromium.org \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=kstewart@linuxfoundation.org \
    --cc=linux-arch@vger.kernel.org \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=luc.vanoostenryck@gmail.com \
    --cc=mark.rutland@arm.com \
    --cc=mingo@kernel.org \
    --cc=robin.murphy@arm.com \
    --cc=shuah@kernel.org \
    --cc=will.deacon@arm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).