From: Alexander Potapenko <glider@google.com>
To: David Laight <David.Laight@aculab.com>
Cc: Dave Hansen <dave.hansen@intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Peter Zijlstra <peterz@infradead.org>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>,
"the arch/x86 maintainers" <x86@kernel.org>,
Dmitry Vyukov <dvyukov@google.com>,
"H . J . Lu" <hjl.tools@gmail.com>,
Andi Kleen <ak@linux.intel.com>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Linux Memory Management List <linux-mm@kvack.org>,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: [RFCv2 00/10] Linear Address Masking enabling
Date: Fri, 13 May 2022 14:26:15 +0200 [thread overview]
Message-ID: <CAG_fn=XUqzBWzuU0cmjUoSfHTv6pN=LCqGh7Ns8kgR6L169bPw@mail.gmail.com> (raw)
In-Reply-To: <8a47d0ee50b44520a6f26177e6fe7ec5@AcuMS.aculab.com>
On Fri, May 13, 2022 at 1:28 PM David Laight <David.Laight@aculab.com> wrote:
>
> ...
> > Once we have the possibility to store tags in the pointers, we don't
> > need redzones for heap/stack objects anymore, which saves quite a bit
> > of memory.
>
> You still need redzones.
> The high bits are ignored for actual memory accesses.
>
> To do otherwise you'd need the high bits to be in the PTE,
> copied to the TLB and finally get into the cache tag.
>
> Then you'd have to use the correct tags for each page.
Sorry, I don't understand how this is relevant to HWASan in the userspace.
Like in ASan, we have a custom allocator that assigns tags to heap
objects. The assigned tag is stored in both the shadow memory for the
object and the pointer returned by the allocator.
Instrumentation inserted by the compiler checks the pointer before
every memory access and ensures that its tag matches the tag of the
object in the shadow memory.
A tag mismatch is reported as an out-of-bounds or a use-after-free,
depending on whether the accessed memory is still considered
allocated.
Because objects with different tags follow each other, there is no
need to add extra redzones to the objects to detect buffer overflows.
(We might need to increase the object alignment though, but that's a
different story).
>
> David
>
> -
> Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
> Registration No: 1397386 (Wales)
--
Alexander Potapenko
Software Engineer
Google Germany GmbH
Erika-Mann-Straße, 33
80636 München
Geschäftsführer: Paul Manicle, Liana Sebastian
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
Diese E-Mail ist vertraulich. Falls Sie diese fälschlicherweise
erhalten haben sollten, leiten Sie diese bitte nicht an jemand anderes
weiter, löschen Sie alle Kopien und Anhänge davon und lassen Sie mich
bitte wissen, dass die E-Mail an die falsche Person gesendet wurde.
This e-mail is confidential. If you received this communication by
mistake, please don't forward it to anyone else, please erase all
copies and attachments, and please let me know that it has gone to the
wrong person.
next prev parent reply other threads:[~2022-05-13 12:26 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-11 2:27 Kirill A. Shutemov
2022-05-11 2:27 ` [PATCH] x86: Implement Linear Address Masking support Kirill A. Shutemov
2022-05-12 13:01 ` David Laight
2022-05-12 14:07 ` Matthew Wilcox
2022-05-12 15:06 ` Thomas Gleixner
2022-05-12 15:33 ` David Laight
2022-05-12 14:35 ` Peter Zijlstra
2022-05-12 17:00 ` Kirill A. Shutemov
2022-05-11 2:27 ` [RFCv2 01/10] x86/mm: Fix CR3_ADDR_MASK Kirill A. Shutemov
2022-05-11 2:27 ` [RFCv2 02/10] x86: CPUID and CR3/CR4 flags for Linear Address Masking Kirill A. Shutemov
2022-05-11 2:27 ` [RFCv2 03/10] x86: Introduce userspace API to handle per-thread features Kirill A. Shutemov
2022-05-12 12:02 ` Thomas Gleixner
2022-05-12 12:04 ` [PATCH] x86/prctl: Remove pointless task argument Thomas Gleixner
2022-05-13 14:09 ` [RFCv2 03/10] x86: Introduce userspace API to handle per-thread features Alexander Potapenko
2022-05-13 17:34 ` Edgecombe, Rick P
2022-05-13 23:09 ` Kirill A. Shutemov
2022-05-13 23:50 ` Edgecombe, Rick P
2022-05-14 8:37 ` Thomas Gleixner
2022-05-14 23:06 ` Edgecombe, Rick P
2022-05-15 9:02 ` Thomas Gleixner
2022-05-15 18:24 ` Edgecombe, Rick P
2022-05-15 19:38 ` Thomas Gleixner
2022-05-15 22:01 ` Edgecombe, Rick P
2022-05-11 2:27 ` [RFCv2 04/10] x86/mm: Introduce X86_THREAD_LAM_U48 and X86_THREAD_LAM_U57 Kirill A. Shutemov
2022-05-11 7:02 ` Peter Zijlstra
2022-05-12 12:24 ` Thomas Gleixner
2022-05-12 14:37 ` Peter Zijlstra
2022-05-11 2:27 ` [RFCv2 05/10] x86/mm: Provide untagged_addr() helper Kirill A. Shutemov
2022-05-11 7:21 ` Peter Zijlstra
2022-05-11 7:45 ` Peter Zijlstra
2022-05-12 13:06 ` Thomas Gleixner
2022-05-12 14:23 ` Peter Zijlstra
2022-05-12 15:16 ` Thomas Gleixner
2022-05-12 23:14 ` Thomas Gleixner
2022-05-13 10:14 ` David Laight
2022-05-11 2:27 ` [RFCv2 06/10] x86/uaccess: Remove tags from the address before checking Kirill A. Shutemov
2022-05-12 13:02 ` David Laight
2022-05-11 2:27 ` [RFCv2 07/10] x86/mm: Handle tagged memory accesses from kernel threads Kirill A. Shutemov
2022-05-11 7:23 ` Peter Zijlstra
2022-05-12 13:30 ` Thomas Gleixner
2022-05-11 2:27 ` [RFCv2 08/10] x86/mm: Make LAM_U48 and mappings above 47-bits mutually exclusive Kirill A. Shutemov
2022-05-12 13:36 ` Thomas Gleixner
2022-05-13 23:22 ` Kirill A. Shutemov
2022-05-14 8:37 ` Thomas Gleixner
2022-05-18 8:43 ` Bharata B Rao
2022-05-18 17:08 ` Kirill A. Shutemov
2022-05-11 2:27 ` [RFCv2 09/10] x86/mm: Add userspace API to enable Linear Address Masking Kirill A. Shutemov
2022-05-11 7:26 ` Peter Zijlstra
2022-05-12 14:46 ` Thomas Gleixner
2022-05-11 14:15 ` H.J. Lu
2022-05-12 14:21 ` Thomas Gleixner
2022-05-11 2:27 ` [RFCv2 10/10] x86: Expose thread features status in /proc/$PID/arch_status Kirill A. Shutemov
2022-05-11 6:49 ` [RFCv2 00/10] Linear Address Masking enabling Peter Zijlstra
2022-05-12 15:42 ` Thomas Gleixner
2022-05-12 16:56 ` Kirill A. Shutemov
2022-05-12 19:31 ` Thomas Gleixner
2022-05-12 23:21 ` Thomas Gleixner
2022-05-12 17:22 ` Dave Hansen
2022-05-12 19:39 ` Thomas Gleixner
2022-05-12 21:24 ` Thomas Gleixner
2022-05-13 14:43 ` Matthew Wilcox
2022-05-13 22:59 ` Kirill A. Shutemov
2022-05-12 21:51 ` Dave Hansen
2022-05-12 22:10 ` H.J. Lu
2022-05-12 23:35 ` Thomas Gleixner
2022-05-13 0:08 ` H.J. Lu
2022-05-13 0:46 ` Dave Hansen
2022-05-13 1:27 ` Thomas Gleixner
2022-05-13 3:05 ` Dave Hansen
2022-05-13 8:28 ` Thomas Gleixner
2022-05-13 22:48 ` Kirill A. Shutemov
2022-05-13 9:14 ` Catalin Marinas
2022-05-13 9:26 ` Thomas Gleixner
2022-05-13 0:46 ` Thomas Gleixner
2022-05-13 11:07 ` Alexander Potapenko
2022-05-13 11:28 ` David Laight
2022-05-13 12:26 ` Alexander Potapenko [this message]
2022-05-13 14:26 ` David Laight
2022-05-13 15:28 ` Alexander Potapenko
2022-05-13 23:01 ` Kirill A. Shutemov
2022-05-14 10:00 ` Thomas Gleixner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAG_fn=XUqzBWzuU0cmjUoSfHTv6pN=LCqGh7Ns8kgR6L169bPw@mail.gmail.com' \
--to=glider@google.com \
--cc=David.Laight@aculab.com \
--cc=ak@linux.intel.com \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=dvyukov@google.com \
--cc=hjl.tools@gmail.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox