From: "Kirill A. Shutemov"
To: Peter Zijlstra
Cc: "Edgecombe, Rick P", "Lutomirski, Andy", "dave.hansen@linux.intel.com", "linux-kernel@vger.kernel.org", "hjl.tools@gmail.com", "linux-mm@kvack.org", "kcc@google.com", "andreyknvl@gmail.com", "ak@linux.intel.com", "dvyukov@google.com", "x86@kernel.org", "ryabinin.a.a@gmail.com", "glider@google.com"
Subject: Re: [PATCHv3 5/8] x86/uaccess: Provide untagged_addr() and remove tags before address check
Date: Thu, 16 Jun 2022 19:44:40 +0300
Message-ID: <20220616164440.vw7sqnof6grrmnvl@black.fi.intel.com>
References: <20220610143527.22974-1-kirill.shutemov@linux.intel.com> <20220610143527.22974-6-kirill.shutemov@linux.intel.com>

On Thu, Jun 16, 2022 at 11:30:49AM +0200, Peter Zijlstra wrote:
> On Mon, Jun 13, 2022 at 05:36:43PM +0000, Edgecombe, Rick P wrote:
> > On Fri, 2022-06-10 at 17:35 +0300, Kirill A. Shutemov wrote:
> > > +#ifdef CONFIG_X86_64
> > > +/*
> > > + * Mask out tag bits from the address.
> > > + *
> > > + * Magic with the 'sign' allows to untag userspace pointer without
> > > any branches
> > > + * while leaving kernel addresses intact.
> >
> > Trying to understand the magic part here. I guess how it works is, when
> > the high bit is set, it does the opposite of untagging the addresses by
> > setting the tag bits instead of clearing them. So:
>
> The magic is really rather simple to see; there's two observations:
>
>	x ^ y ^ y == x
>
> That is; xor is its own inverse. And secondly, xor with 1 is a bit
> toggle.
>
> So if we mask a negative value, we destroy the sign. Therefore, if we
> xor with the sign-bit, we have a nop for positive numbers and a toggle
> for negatives (effectively making them positive, -1, 2s complement
> yada-yada) then we can mask, without fear of destroying the sign, and
> then we xor again to undo whatever we did before, effectively restoring
> the sign.
>
> Anyway, consequence of all this is that LAM_U48 won't work correctly on
> 5-level kernels, because the mask will still destroy kernel pointers.

Any objection against this variant (was posted in the thread):

#define untagged_addr(mm, addr)	({					\
	u64 __addr = (__force u64)(addr);				\
	s64 sign = (s64)__addr >> 63;					\
	__addr &= (mm)->context.untag_mask | sign;			\
	(__force __typeof__(addr))__addr;				\
})

?

I find it easier to follow and it is LAM_U48-safe.

-- 
 Kirill A. Shutemov
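
Review bot: In the quoted hunk, the comment above the macro calls the sign handling "magic" and promises that kernel addresses are left intact, but it never states the condition under which that holds. As the reply in this thread points out, the guarantee depends on the mask: with LAM_U48 on a 5-level kernel the mask still destroys kernel pointers. Suggest replacing "Magic with the 'sign'" with a sentence that says what the sign is used for and which masks are safe, or using a form in which a set bit 63 disables masking entirely so the comment is true for every mask.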
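
The two forms discussed in this thread, compared in user space as an added example (not code from the patch series or from either author). The mask values assume LAM_U57 tags occupy bits 62:57 and LAM_U48 tags bits 62:48; the addresses are constructed samples, and the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed untag masks: every bit set except the tag bits. */
#define GENMASK_U64(h, l) (((~0ULL) >> (63 - (h))) & ((~0ULL) << (l)))
#define UNTAG_MASK_U57 (~GENMASK_U64(62, 57))
#define UNTAG_MASK_U48 (~GENMASK_U64(62, 48))

/* All ones when bit 63 is set (kernel half), zero otherwise. Relies on
 * arithmetic right shift of signed values, as gcc and clang provide. */
static uint64_t sign_of(uint64_t addr)
{
	return (uint64_t)((int64_t)addr >> 63);
}

/* xor, mask, xor: the sequence described in the quoted reply. */
uint64_t untag_xor(uint64_t mask, uint64_t addr)
{
	uint64_t sign = sign_of(addr);

	addr ^= sign;	/* kernel address becomes its complement */
	addr &= mask;	/* clears tag bits of the (possibly flipped) value */
	addr ^= sign;	/* flip back */
	return addr;
}

/* mask | sign: the variant proposed in this message. */
uint64_t untag_or(uint64_t mask, uint64_t addr)
{
	return addr & (mask | sign_of(addr));	/* kernel half: mask is all ones */
}

int main(void)
{
	/* Constructed samples: a tagged user pointer and a kernel-half address
	 * whose bits 56:48 are not all ones (canonical only with 5-level paging). */
	uint64_t user = 0x54007fffdeadb000ULL, kern5 = 0xff11000000001000ULL;

	printf("U57 user : xor %016llx  or %016llx\n",
	       (unsigned long long)untag_xor(UNTAG_MASK_U57, user),
	       (unsigned long long)untag_or(UNTAG_MASK_U57, user));
	printf("U48 kern5: xor %016llx  or %016llx\n",
	       (unsigned long long)untag_xor(UNTAG_MASK_U48, kern5),
	       (unsigned long long)untag_or(UNTAG_MASK_U48, kern5));
	return 0;
}
```

Both forms agree on user pointers; they differ only for a kernel-half address whose masked bits are not all ones, which is the LAM_U48 on 5-level case raised in the quoted reply.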