Re: [RFC PATCH v0 0/6] x86/AMD: Userspace address tagging

From: Bharata B Rao
Date: Fri Mar 11 2022 - 00:43:15 EST


On 3/10/2022 10:49 PM, David Laight wrote:
> From: Dave Hansen <dave.hansen@xxxxxxxxx>
>> Sent: 10 March 2022 16:46
>>
>> On 3/10/22 06:32, David Laight wrote:
>>>> UAI allows software to store a tag in the upper 7 bits of a logical
>>>> address [63:57]. When enabled, the processor will suppress the
>>>> traditional canonical address checks on the addresses. More information
>>>> about UAI can be found in section 5.10 of 'AMD64 Architecture
>>>> Programmer's Manual, Vol 2: System Programming' which is available from
>>>>
>>>> https://bugzilla.kernel.org/attachment.cgi?id=300549
>>> Is that really allowing bit 63 to be used?
>>> That is normally the user-kernel bit.
>>> I can't help feeling that will just badly break things.
>>
>> Yeah, this does seem worrisome. The LAM approach[1] retains
>> canonicality checking for bit 63.
>
> Actually it is rather worse than 'worrisome'.
> Allowing the user all address upto the base of the valid
> kernel addresses (probably tags to 3e, but not 3f)
> means that you can't use a fast address check in access_ok().
> You are forced to use the strict test that 32bit kernels use.

From what I see, there is a single implementation of access_ok()
in arch/x86/asm/include/uaccess.h that does check if the user
address+size exceeds the limit.

Guess I am missing something, but can you please point me to the fast
implementation (that benefits from bit 63 being the user/kernel address
disambiguation bit) and the strict checking in 32bit kernels that
you are referring to?

Also I wonder here why ARM64 TBI which also uses the full upper byte
(including bit 63) for storing tag/metadata doesn't suffer from
this same problem?

Regards,
Bharata.
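To make the point about the two styles of access_ok() concrete, here is an added C model of the checks the thread contrasts. It is constructed for illustration and is not code from this thread, from the RFC series, or from the kernel: the function names, the 2^47 user limit, the untag() step and the sample pointers are all assumptions. The "fast" variant only inspects bit 63, as a kernel can when every address with that bit set is guaranteed to be a kernel address; the "strict" variant compares start and size against a limit in the overflow-safe way a 32-bit kernel has to. The run shows that once a tag may occupy bits [63:57], the fast test both rejects a legitimate tagged user pointer whose tag sets bit 63 and accepts one whose tag sets only bit 57, so a limit comparison applied to the untagged address is the check that still classifies correctly.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed model of user-pointer range checks. This is NOT the kernel's
 * access_ok(); names, the user limit and the tag layout are assumptions.
 */

#define UAI_TAG_SHIFT 57                       /* tag stored in bits [63:57] */
#define UAI_TAG_MASK  (~0ULL << UAI_TAG_SHIFT)
#define USER_LIMIT    (1ULL << 47)             /* assumed 4-level paging user limit */

/* Strip a UAI-style tag from a pointer (assumed untagging step). */
static uint64_t untag(uint64_t addr)
{
    return addr & ~UAI_TAG_MASK;
}

/* Build a tagged pointer from a 7-bit tag and an untagged user address. */
static uint64_t tag_ptr(uint64_t addr, unsigned tag)
{
    return ((uint64_t)(tag & 0x7f) << UAI_TAG_SHIFT) | untag(addr);
}

/*
 * Fast check: treat bit 63 as the user/kernel bit. Only the sign of the
 * first and last byte is inspected; nothing is compared against a limit.
 */
static bool access_ok_fast(uint64_t addr, uint64_t size)
{
    uint64_t last = addr + (size ? size - 1 : 0);
    return (int64_t)(addr | last) >= 0;        /* both below 2^63 */
}

/* Strict check (32-bit style): limit comparison written to avoid overflow. */
static bool access_ok_strict(uint64_t addr, uint64_t size)
{
    return addr <= USER_LIMIT && size <= USER_LIMIT - addr;
}

/* Strict check on the untagged address: what a tag-aware kernel would need. */
static bool access_ok_strict_untagged(uint64_t addr, uint64_t size)
{
    return access_ok_strict(untag(addr), size);
}

static void show(const char *what, uint64_t addr, uint64_t size)
{
    printf("%-28s %016llx fast=%d strict=%d strict_untagged=%d\n", what,
           (unsigned long long)addr, access_ok_fast(addr, size),
           access_ok_strict(addr, size), access_ok_strict_untagged(addr, size));
}

int main(void)
{
    /* constructed sample pointers */
    uint64_t user   = 0x00007f0000001000ULL;          /* plain user address   */
    uint64_t kernel = 0xffff888000000000ULL;          /* kernel address       */
    uint64_t lo_tag = tag_ptr(user, 0x01);            /* bit 57 set, 63 clear */
    uint64_t hi_tag = tag_ptr(user, 0x41);            /* bit 63 set by the tag*/

    show("plain user", user, 0x1000);
    show("kernel", kernel, 0x1000);
    show("user, tag 0x01", lo_tag, 0x1000);
    show("user, tag 0x41", hi_tag, 0x1000);
    return 0;
}
```

The interesting rows are the two tagged ones: tag 0x41 makes a valid user pointer look like a kernel pointer to the sign-bit test, and tag 0x01 slips past the sign-bit test even though its raw value is far above the user limit. Only the limit comparison on the untagged value gives the intended answer for all four inputs, which is the cost David Laight is pointing at.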