From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=Tmhe=CG=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-17.4 required=3.0 tests=BAYES_00,DKIMWL_WL_MED,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,
	USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 43D98C433E2
	for <linux-mm@archiver.kernel.org>; Fri, 28 Aug 2020 12:28:38 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id AF83520848
	for <linux-mm@archiver.kernel.org>; Fri, 28 Aug 2020 12:28:37 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="X+FVf6O2"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org AF83520848
Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 074406B0003; Fri, 28 Aug 2020 08:28:37 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 024CD8D0001; Fri, 28 Aug 2020 08:28:36 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id E553F6B0007; Fri, 28 Aug 2020 08:28:36 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0028.hostedemail.com [216.40.44.28])
	by kanga.kvack.org (Postfix) with ESMTP id CD9B56B0003
	for <linux-mm@kvack.org>; Fri, 28 Aug 2020 08:28:36 -0400 (EDT)
Received: from smtpin29.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay05.hostedemail.com (Postfix) with ESMTP id 84BDB181AEF10
	for <linux-mm@kvack.org>; Fri, 28 Aug 2020 12:28:36 +0000 (UTC)
X-FDA: 77199905832.29.robin05_170f2d427075
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin29.hostedemail.com (Postfix) with ESMTP id 57B5D18086CC7
	for <linux-mm@kvack.org>; Fri, 28 Aug 2020 12:28:36 +0000 (UTC)
X-HE-Tag: robin05_170f2d427075
X-Filterd-Recvd-Size: 7462
Received: from mail-pj1-f65.google.com (mail-pj1-f65.google.com [209.85.216.65])
	by imf11.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Fri, 28 Aug 2020 12:28:35 +0000 (UTC)
Received: by mail-pj1-f65.google.com with SMTP id mt12so434421pjb.4
        for <linux-mm@kvack.org>; Fri, 28 Aug 2020 05:28:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=yn8qp0pF0/ymUX0XYVgXndiqVwNlWscX3zxb5Gz4UJU=;
        b=X+FVf6O2bFdGzHWCgjCVD7j07pWnLrK8pDEB5dJnuBAu/1F1HKyE/tVrR3DRtYNMya
         K2cxsdNeQTdW/cf8AxIBxcdnw/3Q5y1XGI5F1JUxfSwtfez0txiFW7IW40UV6G+R42/b
         yALQTnIGOqqF8ftT9SqLysAXjXYNyMLIqn1PvOg/NU801yPaSTppbr6uOiLwoMnOF8YO
         cHAqvsryqhxVYEwQAZu+2u11KG4AN/uIwiePYtMvXettO0NAy4QYXuwm6t8OVbQjGuwl
         VFLEJ/EFZOxdq76gNC+vdgubsan2Ta9NlfJfeSuu5sd1vZVPCP1349OMVHCsWM/mNP3C
         RKSQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=yn8qp0pF0/ymUX0XYVgXndiqVwNlWscX3zxb5Gz4UJU=;
        b=KFgcQpu/7bn2zde7Px/JFO2EVy+f8SgsPZlvy8tolQr8HSsZphl3YLEwsgjJy5rTwJ
         3SjReXsJnGNbxNisb8csRNpodrqe924lk2ZCxQi53Izho5l0pCSc55OSD+K9osfFa8Ob
         /9Qdrw9jhht8+W+79puHT3h5QyGxTfINPNz+aEpGWZx3axvYIuFheo2rQviljMZp+q29
         SE/kA/AKX2HRKsice3jFNwI4kbU96JyTwjUehXHYLkzvZasysrkQA4P4j8WjMzIg4H0l
         KTMQGtwkNOAeMS48+dqYqQh3vdFe8z6lQlEX6f2p25fAgkZf1WV+Q1moF7IHMsw9Rt6X
         ro/w==
X-Gm-Message-State: AOAM532cdqo2M1vp50Hyd/hiFjzSFbNCGdEapB6ctZQm6bJrPzWFL8+L
	lHWwS7Sa1rYrcq2bu0V/Fh/bUnC46Ap2VhE13ShNQw==
X-Google-Smtp-Source: ABdhPJzVZkYCWWsHu7+PNcR14S9/KpmQmb3zA6Q9/eo/rw8us10i1Vm/2ObVdHhvBAhwplZzBagcUgtxDPrC1liV4rI=
X-Received: by 2002:a17:90a:a791:: with SMTP id f17mr1015324pjq.136.1598617714338;
 Fri, 28 Aug 2020 05:28:34 -0700 (PDT)
MIME-Version: 1.0
References: <cover.1597425745.git.andreyknvl@google.com> <5d0f3c0ee55c58ffa9f58bdea6fa6bf4f6f973a4.1597425745.git.andreyknvl@google.com>
 <20200828111221.GA185387@elver.google.com>
In-Reply-To: <20200828111221.GA185387@elver.google.com>
From: Andrey Konovalov <andreyknvl@google.com>
Date: Fri, 28 Aug 2020 14:28:23 +0200
Message-ID: <CAAeHK+zpKXQT4-6CfVt1BfXr=SdYjWjhMR_0yV4Wncbz7Aq73w@mail.gmail.com>
Subject: Re: [PATCH 35/35] kasan: add documentation for hardware tag-based mode
To: Marco Elver <elver@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>, Vincenzo Frascino <vincenzo.frascino@arm.com>, 
	Catalin Marinas <catalin.marinas@arm.com>, kasan-dev <kasan-dev@googlegroups.com>, 
	Andrey Ryabinin <aryabinin@virtuozzo.com>, Alexander Potapenko <glider@google.com>, 
	Evgenii Stepanov <eugenis@google.com>, Elena Petrova <lenaptr@google.com>, 
	Branislav Rankov <Branislav.Rankov@arm.com>, Kevin Brodsky <kevin.brodsky@arm.com>, 
	Will Deacon <will.deacon@arm.com>, Andrew Morton <akpm@linux-foundation.org>, 
	Linux ARM <linux-arm-kernel@lists.infradead.org>, 
	Linux Memory Management List <linux-mm@kvack.org>, LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Queue-Id: 57B5D18086CC7
X-Spamd-Result: default: False [0.00 / 100.00]
X-Rspamd-Server: rspam05
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Fri, Aug 28, 2020 at 1:12 PM Marco Elver <elver@google.com> wrote:
>
> On Fri, Aug 14, 2020 at 07:27PM +0200, Andrey Konovalov wrote:
> > Add documentation for hardware tag-based KASAN mode and also add some
> > clarifications for software tag-based mode.
> >
> > Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
> > ---
> >  Documentation/dev-tools/kasan.rst | 73 +++++++++++++++++++++----------
> >  1 file changed, 51 insertions(+), 22 deletions(-)
> >
> > diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst
> > index a3030fc6afe5..aeed89d6eaf5 100644
> [...]
> > -Tag-based KASAN uses the Top Byte Ignore (TBI) feature of modern arm64 CPUs to
> > -store a pointer tag in the top byte of kernel pointers. Like generic KASAN it
> > -uses shadow memory to store memory tags associated with each 16-byte memory
> > -cell (therefore it dedicates 1/16th of the kernel memory for shadow memory).
> > +Software tag-based KASAN uses the Top Byte Ignore (TBI) feature of modern arm64
> > +CPUs to store a pointer tag in the top byte of kernel pointers. Like generic
> > +KASAN it uses shadow memory to store memory tags associated with each 16-byte
> > +memory cell (therefore it dedicates 1/16th of the kernel memory for shadow
> > +memory).
>
> It might be helpful to be more specific vs. saying "modern arm64 CPUs".
> Does the "modern" qualifier suggest not all arm64 CPUs support the
> feature?  (HW tag-based KASAN below is specific, and mentions ARMv8.5.)

Will clarify this in v2.

> > +On each memory allocation software tag-based KASAN generates a random tag, tags
> > +the allocated memory with this tag, and embeds this tag into the returned
> > +pointer.
> >
> > -On each memory allocation tag-based KASAN generates a random tag, tags the
> > -allocated memory with this tag, and embeds this tag into the returned pointer.
> >  Software tag-based KASAN uses compile-time instrumentation to insert checks
> >  before each memory access. These checks make sure that tag of the memory that
> >  is being accessed is equal to tag of the pointer that is used to access this
> > -memory. In case of a tag mismatch tag-based KASAN prints a bug report.
> > +memory. In case of a tag mismatch software tag-based KASAN prints a bug report.
> >
> >  Software tag-based KASAN also has two instrumentation modes (outline, that
> >  emits callbacks to check memory accesses; and inline, that performs the shadow
> > @@ -215,9 +222,31 @@ simply printed from the function that performs the access check. With inline
> >  instrumentation a brk instruction is emitted by the compiler, and a dedicated
> >  brk handler is used to print bug reports.
> >
> > -A potential expansion of this mode is a hardware tag-based mode, which would
> > -use hardware memory tagging support instead of compiler instrumentation and
> > -manual shadow memory manipulation.
> > +Software tag-based KASAN uses 0xFF as a match-all pointer tag (accesses aren't
> > +checked).
> > +
> > +Software tag-based KASAN currently only supports tagging of slab memory.
> > +
> > +Hardware tag-based KASAN
> > +~~~~~~~~~~~~~~~~~~~~~~~~
> > +
> > +Hardware tag-based KASAN is similar to the software mode in concept, but uses
> > +hardware memory tagging support instead of compiler instrumentation and
> > +shadow memory.
> > +
> > +Hardware tag-based KASAN is based on both arm64 Memory Tagging Extension (MTE)
> > +introduced in ARMv8.5 Instruction Set Architecture, and Top Byte Ignore (TBI).
>
> Is there anything inherently tying tag-based KASAN to arm64?

Not really, the approach is generic and can be used by any arch that
supports memory tagging.

> I guess if
> some other architecture supports MTE, they just have to touch arch/,
> right?

For the most part - yes, but maybe adjustments to the generic code
will be required. No way to know before one tries to integrate another
arch.

> You could reword to say that "Hardware tag-based KASAN is currently only
> supported on the ARM64 architecture.
>
> On the ARM64 architecture, tag-based KASAN is based on both ..."

Will do in v2, thanks!