[PATCH v6 5/5] arm64: futex: support futex with FEAT_LSUI
Yeoreum Yun
yeoreum.yun at arm.com
Tue Aug 19 02:11:02 PDT 2025
On Tue, Aug 19, 2025 at 09:38:54AM +0100, Catalin Marinas wrote:
> On Mon, Aug 18, 2025 at 08:53:57PM +0100, Yeoreum Yun wrote:
> > > On Sat, Aug 16, 2025 at 03:57:49PM +0100, Yeoreum Yun wrote:
> > > > why we need to care about the different settings for tag checking when
> > > > we use uaccess_disable_privileged()?
> [...]
> > > > But, although tag check fault happens in kernel side,
> > > > It seems to be handled by fixup code if user address is wrong.
> > >
> > > The user may know it is wrong and not care (e.g. one wants to keep using
> > > a buggy application).
> >
> > Then Does this example -- ignoring wrong and keep using a buggy
> > application shows us that we need to enable TCO when
> > we runs the LSUI instruction?
> >
> > AFAIK, LSUI instruction also check memory tag -- i.e) ldtadd.
> > if passed user address which has unmatched tag and if user isn't
> > interested in tah check, It can meet the unexpected report from KASAN.
>
> That's a valid point w.r.t. PSTATE.TCO that applies to copy_to/from_user
> as well. I don't think we documented it but we don't expect the user
> PSTATE.TCO state to be taken into account while doing uaccess from the
> kernel. We do, however, expect SCTLR_EL1.TCF0 to be honoured and that's
> what the user normally tweaks via a prctl(). The TCO is meant to
> disable tag checking briefly when TCF enabled the tag check faults.
So, IMHO, as copy_to/from_user (ldt/sttr) enable tco before it operates,
I think futex using LSUI should enable TCO bit
before it calls LSUI instruction.
Otherwise, this sounds have a inconsistency of allowing TCF according to
SCTLR_EL1.TCF (not 0)'s configuration while kernel accescss user memory.
Am I on right way?
Thanks.
> --
> Catalin
--
Sincerely,
Yeoreum Yun
More information about the linux-arm-kernel
mailing list