| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c1c944f7-d5e6-38ec-6fde-9e6d5c1af6d0@oracle.com>
Date: Tue, 17 Jan 2017 14:43:07 -0700
From: Khalid Aziz <khalid.aziz@...cle.com>
To: David Miller <davem@...emloft.net>, dave.hansen@...ux.intel.com
Cc: corbet@....net, arnd@...db.de, akpm@...ux-foundation.org,
hpa@...or.com, viro@...iv.linux.org.uk, nitin.m.gupta@...cle.com,
chris.hyser@...cle.com, tushar.n.dave@...cle.com,
sowmini.varadhan@...cle.com, mike.kravetz@...cle.com,
adam.buchbinder@...il.com, minchan@...nel.org, hughd@...gle.com,
kirill.shutemov@...ux.intel.com, keescook@...omium.org,
allen.pais@...cle.com, aryabinin@...tuozzo.com,
atish.patra@...cle.com, joe@...ches.com, pmladek@...e.com,
jslaby@...e.cz, cmetcalf@...lanox.com,
paul.gortmaker@...driver.com, mhocko@...e.com, jmarchan@...hat.com,
lstoakes@...il.com, 0x7f454c46@...il.com, vbabka@...e.cz,
tglx@...utronix.de, mingo@...hat.com, dan.j.williams@...el.com,
iamjoonsoo.kim@....com, mgorman@...hsingularity.net,
vdavydov.dev@...il.com, hannes@...xchg.org, namit@...are.com,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
sparclinux@...r.kernel.org, linux-arch@...r.kernel.org,
x86@...nel.org, linux-mm@...ck.org
Subject: Re: [PATCH v4 0/4] Application Data Integrity feature introduced by
SPARC M7
On 01/16/2017 09:47 PM, David Miller wrote:
> From: Dave Hansen <dave.hansen@...ux.intel.com>
> Date: Wed, 11 Jan 2017 10:13:54 -0800
>
>> For memory shared by two different processes, do they have to agree on
>> what the tags are, or can they differ?
>
> Whoever allocates the memory (does the mmap()+mprotect() or whatever),
> decides on the tag. They set it, and this determines which virtual
> address is valid to access that mapping.
>
> It's like kmalloc() returns pointers with some weird bits set in the
> upper bits of the address. Behind the scenes kmalloc() sets the
> TAG bits appropriately.
>
> It doesn't, in that sense, matter where in the non-tagged virtual
> address space the memory is mapped. All that matters is that, for
> a given page, the TAG bits in the virtual address used for loads
> and stores to that mapping are set properly.
>
> I think the fundamental thing being missed is that the TAG bits in the
> virtual address are not interpreted by the TLB. They are chopped off
> before virtual address translation occurs.
>
> The TAG bits of the virtual address serve only to indicate what ADI
> value the load or store thinks is valid to use for access to that
> piece of memory.
>
> Or something like that... :-)
Hi David,
Your explanation is spot on. MMU looks at the tag bits only to determine
if the process has permission to access the memory address. Tag bits are
not part of VA->PA translation. The tags are stored in physical memory
though and MMU compares the tag stored at physical address obtained from
TLB translation to the tag embedded in VA. What that means is if two
processes map the same physical page in their address space, they both
must embed the same tag in the VA they present to MMU irrespective of
where in each process' address space the page is mapped in. If one
process changes the tag, stored in physical memory, the other process
must also embed the new tag in its VA when accessing this shared mapped
page. This is something to consider because a tag can be set and changed
entirely from userspace with no kernel involvement as long as the
process has write access to memory.
--
Khalid
Powered by blists - more mailing lists