[PATCH] arm64: mte: Document that user PSTATE.TCO is ignored by kernel uaccess

Catalin Marinas catalin.marinas at arm.com
Tue Oct 27 07:44:50 EDT 2020 

On Tue, Oct 27, 2020 at 11:33:24AM +0000, Szabolcs Nagy wrote:
> The 10/26/2020 14:18, Catalin Marinas wrote:
> > On Mon, Oct 26, 2020 at 01:14:15PM +0000, Will Deacon wrote:
> > > On Mon, Oct 26, 2020 at 12:16:56PM +0000, Catalin Marinas wrote:
> > > > On exception entry, the kernel explicitly resets the PSTATE.TCO (tag
> > > > check override) so that any kernel memory accesses will be checked (the
> > > > bit is restored on exception return). This has the side-effect that the
> > > > uaccess routines will not honour the PSTATE.TCO that may have been set
> > > > by the user prior to a syscall.
> > > > 
> > > > There is no issue in practice since PSTATE.TCO is expected to be used
> > > > only for brief periods in specific routines (e.g. garbage collection).
> > > > To control the tag checking mode of the uaccess routines, the user will
> > > > have to invoke a corresponding prctl() call.
> > > > 
> > > > Document the kernel behaviour w.r.t. PSTATE.TCO accordingly.
> > > > 
> > > > Signed-off-by: Catalin Marinas <catalin.marinas at arm.com>
> > > > Fixes: df9d7a22dd21 ("arm64: mte: Add Memory Tagging Extension documentation")
> > > > Cc: Will Deacon <will at kernel.org>
> > > > Cc: Szabolcs Nagy <szabolcs.nagy at arm.com>
> > > > ---
> > > >  Documentation/arm64/memory-tagging-extension.rst | 4 +++-
> > > >  1 file changed, 3 insertions(+), 1 deletion(-)
> > > > 
> > > > diff --git a/Documentation/arm64/memory-tagging-extension.rst b/Documentation/arm64/memory-tagging-extension.rst
> > > > index 034d37c605e8..648f8e8d480b 100644
> > > > --- a/Documentation/arm64/memory-tagging-extension.rst
> > > > +++ b/Documentation/arm64/memory-tagging-extension.rst
> > > > @@ -102,7 +102,9 @@ applications.
> > > >  system call) are not checked if the user thread tag checking mode is
> > > >  ``PR_MTE_TCF_NONE`` or ``PR_MTE_TCF_ASYNC``. If the tag checking mode is
> > > >  ``PR_MTE_TCF_SYNC``, the kernel makes a best effort to check its user
> > > > -address accesses, however it cannot always guarantee it.
> > > > +address accesses, however it cannot always guarantee it. The user
> > > > +``PSTATE.TCO`` bit is ignored by the kernel accesses to user addresses,
> > > > +its value assumed 0.
> > > 
> > > nit, but the wording feels a bit odd to me here. How about:
> > > 
> > >   Kernel accesses to user addresses are always performed with an effective
> > >   PSTATE.TCO value of zero, regardless of the user configuration.
> > 
> > That's better. Thanks.
> 
> looks good.
> i assume this means a signal handler will also have tco=0.

Yes, it's already documented that signal handlers are always invoked
with PSTATE.TCO=0.

-- 
Catalin

More information about the linux-arm-kernel mailing list