From: Jessica Clarke <jrtc27@jrtc27.com>
To: "Christoph Lameter (Ampere)" <cl@gentwo.org>
Cc: Maciej Wieczor-Retman <maciej.wieczor-retman@intel.com>,
luto@kernel.org, xin@zytor.com, kirill.shutemov@linux.intel.com,
palmer@dabbelt.com, tj@kernel.org, andreyknvl@gmail.com,
brgerst@gmail.com, ardb@kernel.org, dave.hansen@linux.intel.com,
jgross@suse.com, will@kernel.org, akpm@linux-foundation.org,
arnd@arndb.de, corbet@lwn.net, dvyukov@google.com,
richard.weiyang@gmail.com, ytcoode@gmail.com, tglx@linutronix.de,
hpa@zytor.com, seanjc@google.com, paul.walmsley@sifive.com,
aou@eecs.berkeley.edu, justinstitt@google.com,
jason.andryuk@amd.com, glider@google.com, ubizjak@gmail.com,
jannh@google.com, bhe@redhat.com, vincenzo.frascino@arm.com,
rafael.j.wysocki@intel.com, ndesaulniers@google.com,
mingo@redhat.com, catalin.marinas@arm.com,
junichi.nomura@nec.com, nathan@kernel.org,
ryabinin.a.a@gmail.com, dennis@kernel.org, bp@alien8.de,
kevinloughlin@google.com, morbo@google.com,
dan.j.williams@intel.com, julian.stecklina@cyberus-technology.de,
peterz@infradead.org, kees@kernel.org,
kasan-dev@googlegroups.com, x86@kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, llvm@lists.linux.dev,
linux-doc@vger.kernel.org
Subject: Re: [PATCH 00/15] kasan: x86: arm64: risc-v: KASAN tag-based mode for x86
Date: Tue, 4 Feb 2025 23:36:23 +0000 [thread overview]
Message-ID: <0BDD645A-3BBE-4A85-9098-257B281A3BA0@jrtc27.com> (raw)
In-Reply-To: <8bd9c793-aac6-a330-ea8f-3bde0230a20b@gentwo.org>
On 4 Feb 2025, at 18:58, Christoph Lameter (Ampere) <cl@gentwo.org> wrote:
> ARM64 supports MTE which is hardware support for tagging 16 byte granules
> and verification of tags in pointers all in hardware and on some platforms
> with *no* performance penalty since the tag is stored in the ECC areas of
> DRAM and verified at the same time as the ECC.
>
> Could we get support for that? This would allow us to enable tag checking
> in production systems without performance penalty and no memory overhead.
It’s not “no performance penalty”, there is a cost to tracking the MTE
tags for checking. In asynchronous (or asymmetric) mode that’s not too
bad, but in synchronous mode there is a significant overhead even with
ECC. Normally on a store, once you’ve translated it and have the data,
you can buffer it up and defer the actual write until some time later.
If you hit in the L1 cache then that will probably be quite soon, but
if you miss then you have to wait for the data to come back from lower
levels of the hierarchy, potentially all the way out to DRAM. Or if you
have a write-around cache then you just send it out to the next level
when it’s ready. But now, if you have synchronous MTE, you cannot
retire your store instruction until you know what the tag for the
location you’re storing to is; effectively you have to wait until you
can do the full cache lookup, and potentially miss, until it can
retire. This puts pressure on the various microarchitectural structures
that track instructions as they get executed, as instructions are now
in flight for longer. Yes, it may well be that it is quicker for the
memory controller to get the tags from ECC bits than via some other
means, but you’re already paying many many cycles at that point, with
the relevant store being stuck unable to retire (and thus every
instruction after it in the instruction stream) that whole time, and no
write allocate or write around schemes can help you, because you
fundamentally have to wait for the tags to be read before you know if
the instruction is going to trap.
Now, you can choose to not use synchronous mode due to that overhead,
but that’s nuance that isn’t considered by your reply here and has some
consequences.
Jess
next prev parent reply other threads:[~2025-02-04 23:36 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-04 17:33 Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 01/15] kasan: Allocation enhancement for dense tag-based mode Maciej Wieczor-Retman
2025-02-05 23:43 ` Andrey Konovalov
2025-02-06 12:57 ` Maciej Wieczor-Retman
2025-02-06 18:14 ` Andrey Konovalov
2025-02-04 17:33 ` [PATCH 02/15] kasan: Tag checking with " Maciej Wieczor-Retman
2025-02-05 23:45 ` Andrey Konovalov
2025-02-06 14:55 ` Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 03/15] kasan: Vmalloc dense tag-based mode support Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 04/15] kasan: arm64: x86: risc-v: Make special tags arch specific Maciej Wieczor-Retman
2025-02-05 20:20 ` Palmer Dabbelt
2025-02-06 11:22 ` Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 05/15] x86: Add arch specific kasan functions Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 06/15] x86: Reset tag for virtual to physical address conversions Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 07/15] mm: Pcpu chunk address tag reset Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 08/15] x86: Physical address comparisons in fill_p*d/pte Maciej Wieczor-Retman
2025-02-06 0:57 ` Dave Hansen
2025-02-07 16:37 ` Maciej Wieczor-Retman
2025-02-11 19:59 ` Dave Hansen
2025-02-04 17:33 ` [PATCH 09/15] x86: Physical address comparison in current_mm pgd check Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 10/15] x86: KASAN raw shadow memory PTE init Maciej Wieczor-Retman
2025-02-05 23:45 ` Andrey Konovalov
2025-02-06 15:39 ` Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 11/15] x86: LAM initialization Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 12/15] x86: Minimal SLAB alignment Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 13/15] x86: runtime_const used for KASAN_SHADOW_END Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 14/15] x86: Make software tag-based kasan available Maciej Wieczor-Retman
2025-02-04 17:33 ` [PATCH 15/15] kasan: Add mititgation and debug modes Maciej Wieczor-Retman
2025-02-05 23:46 ` Andrey Konovalov
2025-02-07 9:08 ` Maciej Wieczor-Retman
2025-02-04 18:58 ` [PATCH 00/15] kasan: x86: arm64: risc-v: KASAN tag-based mode for x86 Christoph Lameter (Ampere)
2025-02-04 21:05 ` Dave Hansen
2025-02-05 18:59 ` Christoph Lameter (Ampere)
2025-02-05 23:04 ` Ard Biesheuvel
2025-02-04 23:36 ` Jessica Clarke
2025-02-05 18:51 ` Christoph Lameter (Ampere)
2025-02-06 1:05 ` Jessica Clarke
2025-02-06 19:11 ` Christoph Lameter (Ampere)
2025-02-06 21:41 ` Dave Hansen
2025-02-07 7:41 ` Maciej Wieczor-Retman
2025-02-06 22:56 ` Andrey Konovalov
2025-02-04 23:36 ` Jessica Clarke [this message]
2025-02-05 23:40 ` Andrey Konovalov
2025-02-06 10:40 ` Maciej Wieczor-Retman
2025-02-06 18:10 ` Andrey Konovalov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0BDD645A-3BBE-4A85-9098-257B281A3BA0@jrtc27.com \
--to=jrtc27@jrtc27.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@gmail.com \
--cc=aou@eecs.berkeley.edu \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=bhe@redhat.com \
--cc=bp@alien8.de \
--cc=brgerst@gmail.com \
--cc=catalin.marinas@arm.com \
--cc=cl@gentwo.org \
--cc=corbet@lwn.net \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=dennis@kernel.org \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=jannh@google.com \
--cc=jason.andryuk@amd.com \
--cc=jgross@suse.com \
--cc=julian.stecklina@cyberus-technology.de \
--cc=junichi.nomura@nec.com \
--cc=justinstitt@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=kees@kernel.org \
--cc=kevinloughlin@google.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-riscv@lists.infradead.org \
--cc=llvm@lists.linux.dev \
--cc=luto@kernel.org \
--cc=maciej.wieczor-retman@intel.com \
--cc=mingo@redhat.com \
--cc=morbo@google.com \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
--cc=peterz@infradead.org \
--cc=rafael.j.wysocki@intel.com \
--cc=richard.weiyang@gmail.com \
--cc=ryabinin.a.a@gmail.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tj@kernel.org \
--cc=ubizjak@gmail.com \
--cc=vincenzo.frascino@arm.com \
--cc=will@kernel.org \
--cc=x86@kernel.org \
--cc=xin@zytor.com \
--cc=ytcoode@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox