[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <f6212ddf70bc408a80d7eb690c46bccc@AcuMS.aculab.com>
Date: Thu, 10 Mar 2022 17:19:40 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Dave Hansen' <dave.hansen@...el.com>,
'Bharata B Rao' <bharata@....com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
CC: "linux-mm@...ck.org" <linux-mm@...ck.org>,
"x86@...nel.org" <x86@...nel.org>,
"kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"mingo@...hat.com" <mingo@...hat.com>,
"bp@...en8.de" <bp@...en8.de>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"catalin.marinas@....com" <catalin.marinas@....com>,
"will@...nel.org" <will@...nel.org>,
"shuah@...nel.org" <shuah@...nel.org>,
"oleg@...hat.com" <oleg@...hat.com>,
"ananth.narayan@....com" <ananth.narayan@....com>
Subject: RE: [RFC PATCH v0 0/6] x86/AMD: Userspace address tagging
From: Dave Hansen <dave.hansen@...el.com>
> Sent: 10 March 2022 16:46
>
> On 3/10/22 06:32, David Laight wrote:
> >> UAI allows software to store a tag in the upper 7 bits of a logical
> >> address [63:57]. When enabled, the processor will suppress the
> >> traditional canonical address checks on the addresses. More information
> >> about UAI can be found in section 5.10 of 'AMD64 Architecture
> >> Programmer's Manual, Vol 2: System Programming' which is available from
> >>
> >> https://bugzilla.kernel.org/attachment.cgi?id=300549
> > Is that really allowing bit 63 to be used?
> > That is normally the user-kernel bit.
> > I can't help feeling that will just badly break things.
>
> Yeah, this does seem worrisome. The LAM approach[1] retains
> canonicality checking for bit 63.
Actually it is rather worse than 'worrisome'.
Allowing the user all address upto the base of the valid
kernel addresses (probably tags to 3e, but not 3f)
means that you can't use a fast address check in access_ok().
You are forced to use the strict test that 32bit kernels use.
Otherwise for 64bit access_ok() need only test address < 0
and rely on kernel code reading something below the (big)
offset to valid kernel addresses.
No real need to include the length at all.
If the hardware is just ignoring the high address bits
then the should be no need to mask them in kernel.
The required kernel accesses to user memory should 'just work'.
Of course, the bit to enable this (wherever it is) needs
to be restored on every process switch.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists