From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 01979C433EF for ; Fri, 10 Jun 2022 20:22:23 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4F1C88D00E0; Fri, 10 Jun 2022 16:22:23 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 4A08D8D00DC; Fri, 10 Jun 2022 16:22:23 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 38FDF8D00E0; Fri, 10 Jun 2022 16:22:23 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 2AD268D00DC for ; Fri, 10 Jun 2022 16:22:23 -0400 (EDT) Received: from smtpin20.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay12.hostedemail.com (Postfix) with ESMTP id E6FCA12025B for ; Fri, 10 Jun 2022 20:22:22 +0000 (UTC) X-FDA: 79563448524.20.CCF7CD0 Received: from mail-il1-f181.google.com (mail-il1-f181.google.com [209.85.166.181]) by imf04.hostedemail.com (Postfix) with ESMTP id 86B9A40076 for ; Fri, 10 Jun 2022 20:22:22 +0000 (UTC) Received: by mail-il1-f181.google.com with SMTP id r3so144420ilt.8 for ; Fri, 10 Jun 2022 13:22:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=CMK9HHoC+CkaS7ESlgdwWQx56QlM6DUYZIowUim1ARU=; b=ZLB1iJbyDobtzDI6Is5SV0nGWNdc2St9G6RlgjYVVGp0uVrZ6v4ZI92gVUwT0/BUmg J1/JWP6jEh3acyYwnnlCKNfItePYtpwUoe4FsgljkRzHTiAD8WdXLlFypHP5c9KtpVT6 OVc61CGaDh4DF57LxzGE9s/A9/9Jq6BpcSWUXxunYSqP+/8OBDRgx34AFQV8gQtQVb3g TJs4tFwoXAMtvtHU5s1KN/0NC9+7/vIBAv1VmSLm104PLcIWCxPocPztCu5rDgBE5O8v HDOefH58ccSQ3qHiFcHoLvaXVgGb1gZxnK5xmyQvSOufs5BGfU+dJ3Efrt+8fZGNdIVA R/ag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=CMK9HHoC+CkaS7ESlgdwWQx56QlM6DUYZIowUim1ARU=; b=URw8HUx/zOehZ77zHyPkKkLAAwGh7dXJ/V023ATeXeeEPJGyMeQjMGaC5ZdcGRAAPv xOzA3f/Jd+7TCD8B1MihptvgZ/T+Pzw9VuMK2viUHQPiInKnivvkJ2BIXUbg0jcu52JK s2I6SubKXCGgRX9SAmCo2vDDiIOP1ofSf0SIN8oHxB5odg9ycVo90AqOJeQ/bOJ2kMr/ LG3YWNUtEJ9yI+3xcRduGKyItQXnfi8VcrR929vDAgQqzKUlgNgoNKrUXEgSi15Zad9Z h2cZ5U4phXz3S2cF/tp6bt8g6Ca+O6uDfFXIa9KflBlN9OyJSb6vmLzmBqeJlWijqtVW dopg== X-Gm-Message-State: AOAM533twOrlxynTowfwPN8PKvYQ8m8U82pHuWM/3H4/mMSqvi8Rc0Jw u5KpMcBIeLkGwiYVGSS1ac8vjwjzvNf05yX+uUsWyw== X-Google-Smtp-Source: ABdhPJx7aIDRy4/ea1YuQNAB9DPV8h6BLDUQFCm0oW5u78S9oIvdyHsF8T9YMmUUAdQ8H6gdA9z+fhfk2kTAUFocyQI= X-Received: by 2002:a92:c24c:0:b0:2d1:cdd0:1959 with SMTP id k12-20020a92c24c000000b002d1cdd01959mr25304794ilo.39.1654892541600; Fri, 10 Jun 2022 13:22:21 -0700 (PDT) MIME-Version: 1.0 References: <20220610143527.22974-1-kirill.shutemov@linux.intel.com> In-Reply-To: <20220610143527.22974-1-kirill.shutemov@linux.intel.com> From: Kostya Serebryany Date: Fri, 10 Jun 2022 13:22:09 -0700 Message-ID: Subject: Re: [PATCHv3 0/8] Linear Address Masking enabling To: "Kirill A. Shutemov" Cc: Dave Hansen , Andy Lutomirski , Peter Zijlstra , x86@kernel.org, Andrey Ryabinin , Andrey Konovalov , Alexander Potapenko , Dmitry Vyukov , "H . J . Lu" , Andi Kleen , Rick Edgecombe , linux-mm@kvack.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1654892542; a=rsa-sha256; cv=none; b=W4h2ie52OQ+HiBl8BbFodIXN//bCYLqS26elxF1YZe72aEF3zG17Sx9f5OEE4a/NzJTbBd wUqu2ChbKsAlddGMi2TnzZsOTTxpS7ESjTsT5HL9hak+zFJPrUj/DEH/BvYczkJb8cOmit uibO6uLED2Zr0jRgSAHprzzDJEEvccI= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=ZLB1iJby; spf=pass (imf04.hostedemail.com: domain of kcc@google.com designates 209.85.166.181 as permitted sender) smtp.mailfrom=kcc@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1654892542; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=CMK9HHoC+CkaS7ESlgdwWQx56QlM6DUYZIowUim1ARU=; b=Prnswe71YVef/Vmh0btZYtIktsmGrBxmi/gZ83X5UrJ/32Nq7eKCTWnZkT3PnYl8F4JO/w eLC18ZbNIerKPSFtV5iDcMpVMKEwN623RAOfP3tVhaavfSPEkpj4LcPvYdezKxJWFpwUdl IHuqdnHMFKAfPKJtkmWRvOafuC1IwEA= X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 86B9A40076 X-Rspam-User: Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=ZLB1iJby; spf=pass (imf04.hostedemail.com: domain of kcc@google.com designates 209.85.166.181 as permitted sender) smtp.mailfrom=kcc@google.com; dmarc=pass (policy=reject) header.from=google.com X-Stat-Signature: gqkrzcxxwxt9ojor6bqokqtnxxxj5cbh X-HE-Tag: 1654892542-630054 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Thanks for working on this, please make LAM happen. It enables efficient memory safety testing that is already available on AAr= ch64. Memory error detectors, such as ASAN and Valgrind (or KASAN for the kernel) have limited applicability, primarily because of their run-time overheads (CPU, RAM, and code size). In many cases, the major obstacle to a wider deployment is the RAM overhead, which is typically 2x-3x. There is another = tool, HWASAN [1], which solves the same problem and has < 10% RAM overhead. This tool is available only on AArch64 because it relies on the top-byte-ignore (TBI) feature. Full support for that feature [2] has been added to the kernel in order to enable HWASAN. Adding support for LAM will enable HWASAN on x86_64. HWASAN is already the main memory safety tool for Android [3] - the reduced= RAM overhead allowed us to utilize this testing tool where ASAN=E2=80=99s RAM o= verhead was prohibitive. We have also prototyped the x86_64 variant of HWASAN, and we c= an observe that it is a major improvement over ASAN. The kernel support and hardware availability are the only missing parts. Making HWASAN available on x86_64 will enable developers of server and client software to scale up their memory safety testing, and thus improve the quality and security of their products. [1] https://clang.llvm.org/docs/HardwareAssistedAddressSanitizerDesign.html [2] https://www.kernel.org/doc/html/latest/arm64/tagged-address-abi.html [3] https://source.android.com/devices/tech/debug/hwasan --kcc On Fri, Jun 10, 2022 at 7:35 AM Kirill A. Shutemov wrote: > > Linear Address Masking[1] (LAM) modifies the checking that is applied to > 64-bit linear addresses, allowing software to use of the untranslated > address bits for metadata. > > The patchset brings support for LAM for userspace addresses. > > LAM_U48 enabling is controversial since it competes for bits with > 5-level paging. Its enabling isolated into an optional last patch that > can be applied at maintainer's discretion. > > Please review and consider applying. > > v3: > - Rebased onto v5.19-rc1 > - Per-process enabling; > - API overhaul (again); > - Avoid branches and costly computations in the fast path; > - LAM_U48 is in optional patch. > v2: > - Rebased onto v5.18-rc1 > - New arch_prctl(2)-based API > - Expose status of LAM (or other thread features) in > /proc/$PID/arch_status > > [1] ISE, Chapter 14. > https://software.intel.com/content/dam/develop/external/us/en/documents-t= ps/architecture-instruction-set-extensions-programming-reference.pdf > > Kirill A. Shutemov (8): > x86/mm: Fix CR3_ADDR_MASK > x86: CPUID and CR3/CR4 flags for Linear Address Masking > mm: Pass down mm_struct to untagged_addr() > x86/mm: Handle LAM on context switch > x86/uaccess: Provide untagged_addr() and remove tags before address che= ck > x86/mm: Provide ARCH_GET_UNTAG_MASK and ARCH_ENABLE_TAGGED_ADDR > x86: Expose untagging mask in /proc/$PID/arch_status > x86/mm: Extend LAM to support to LAM_U48 > > arch/arm64/include/asm/memory.h | 4 +- > arch/arm64/include/asm/signal.h | 2 +- > arch/arm64/include/asm/uaccess.h | 4 +- > arch/arm64/kernel/hw_breakpoint.c | 2 +- > arch/arm64/kernel/traps.c | 4 +- > arch/arm64/mm/fault.c | 10 +-- > arch/sparc/include/asm/pgtable_64.h | 2 +- > arch/sparc/include/asm/uaccess_64.h | 2 + > arch/x86/include/asm/cpufeatures.h | 1 + > arch/x86/include/asm/elf.h | 3 +- > arch/x86/include/asm/mmu.h | 2 + > arch/x86/include/asm/mmu_context.h | 58 +++++++++++++++++ > arch/x86/include/asm/processor-flags.h | 2 +- > arch/x86/include/asm/tlbflush.h | 3 + > arch/x86/include/asm/uaccess.h | 44 ++++++++++++- > arch/x86/include/uapi/asm/prctl.h | 3 + > arch/x86/include/uapi/asm/processor-flags.h | 6 ++ > arch/x86/kernel/Makefile | 2 + > arch/x86/kernel/fpu/xstate.c | 47 -------------- > arch/x86/kernel/proc.c | 50 +++++++++++++++ > arch/x86/kernel/process.c | 3 + > arch/x86/kernel/process_64.c | 54 +++++++++++++++- > arch/x86/kernel/sys_x86_64.c | 5 +- > arch/x86/mm/hugetlbpage.c | 6 +- > arch/x86/mm/mmap.c | 9 ++- > arch/x86/mm/tlb.c | 62 ++++++++++++++----- > .../gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 2 +- > drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c | 2 +- > drivers/gpu/drm/radeon/radeon_gem.c | 2 +- > drivers/infiniband/hw/mlx4/mr.c | 2 +- > drivers/media/common/videobuf2/frame_vector.c | 2 +- > drivers/media/v4l2-core/videobuf-dma-contig.c | 2 +- > .../staging/media/atomisp/pci/hmm/hmm_bo.c | 2 +- > drivers/tee/tee_shm.c | 2 +- > drivers/vfio/vfio_iommu_type1.c | 2 +- > fs/proc/task_mmu.c | 2 +- > include/linux/mm.h | 11 ---- > include/linux/uaccess.h | 11 ++++ > lib/strncpy_from_user.c | 2 +- > lib/strnlen_user.c | 2 +- > mm/gup.c | 6 +- > mm/madvise.c | 2 +- > mm/mempolicy.c | 6 +- > mm/migrate.c | 2 +- > mm/mincore.c | 2 +- > mm/mlock.c | 4 +- > mm/mmap.c | 2 +- > mm/mprotect.c | 2 +- > mm/mremap.c | 2 +- > mm/msync.c | 2 +- > virt/kvm/kvm_main.c | 2 +- > 51 files changed, 342 insertions(+), 126 deletions(-) > create mode 100644 arch/x86/kernel/proc.c > > -- > 2.35.1 >