From: Maciej Wieczor-Retman <m.wieczorretman@pm.me>
To: xin@zytor.com, peterz@infradead.org, kaleshsingh@google.com,
kbingham@kernel.org, akpm@linux-foundation.org,
nathan@kernel.org, ryabinin.a.a@gmail.com,
dave.hansen@linux.intel.com, bp@alien8.de, morbo@google.com,
jeremy.linton@arm.com, smostafa@google.com, kees@kernel.org,
baohua@kernel.org, vbabka@suse.cz, justinstitt@google.com,
wangkefeng.wang@huawei.com, leitao@debian.org,
jan.kiszka@siemens.com, fujita.tomonori@gmail.com, hpa@zytor.com,
urezki@gmail.com, ubizjak@gmail.com, ada.coupriediaz@arm.com,
nick.desaulniers+lkml@gmail.com, ojeda@kernel.org,
brgerst@gmail.com, elver@google.com, pankaj.gupta@amd.com,
glider@google.com, mark.rutland@arm.com, trintaeoitogc@gmail.com,
jpoimboe@kernel.org, thuth@redhat.com, pasha.tatashin@soleen.com,
dvyukov@google.com, jhubbard@nvidia.com, catalin.marinas@arm.com,
yeoreum.yun@arm.com, mhocko@suse.com, lorenzo.stoakes@oracle.com,
samuel.holland@sifive.com, vincenzo.frascino@arm.com,
bigeasy@linutronix.de, surenb@google.com, ardb@kernel.org,
Liam.Howlett@oracle.com, nicolas.schier@linux.dev,
ziy@nvidia.com, kas@kernel.org, tglx@linutronix.de,
mingo@redhat.com, broonie@kernel.org, corbet@lwn.net,
andreyknvl@gmail.com, maciej.wieczor-retman@intel.com,
david@redhat.com, maz@kernel.org, rppt@kernel.org,
will@kernel.org, luto@kernel.org
Cc: kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org, x86@kernel.org,
linux-kbuild@vger.kernel.org, linux-mm@kvack.org,
llvm@lists.linux.dev, linux-doc@vger.kernel.org,
m.wieczorretman@pm.me
Subject: [PATCH v6 08/18] x86/mm: Reset tag for virtual to physical address conversions
Date: Wed, 29 Oct 2025 19:07:34 +0000 [thread overview]
Message-ID: <d030a07c956c1e7cbf8cd44d6b42120baaa41723.1761763681.git.m.wieczorretman@pm.me> (raw)
In-Reply-To: <cover.1761763681.git.m.wieczorretman@pm.me>
From: Maciej Wieczor-Retman <maciej.wieczor-retman@intel.com>
Any place where pointer arithmetic is used to convert a virtual address
into a physical one can raise errors if the virtual address is tagged.
Reset the pointer's tag by sign extending the tag bits in macros that do
pointer arithmetic in address conversions. There will be no change in
compiled code with KASAN disabled since the compiler will optimize the
__tag_reset() out.
Signed-off-by: Maciej Wieczor-Retman <maciej.wieczor-retman@intel.com>
---
Changelog v5:
- Move __tag_reset() calls into __phys_addr_nodebug() and
__virt_addr_valid() instead of calling it on the arguments of higher
level functions.
Changelog v4:
- Simplify page_to_virt() by removing pointless casts.
- Remove change in __is_canonical_address() because it's taken care of
in a later patch due to a LAM compatible definition of canonical.
arch/x86/include/asm/page.h | 8 ++++++++
arch/x86/include/asm/page_64.h | 1 +
arch/x86/mm/physaddr.c | 2 ++
3 files changed, 11 insertions(+)
diff --git a/arch/x86/include/asm/page.h b/arch/x86/include/asm/page.h
index 9265f2fca99a..bcf5cad3da36 100644
--- a/arch/x86/include/asm/page.h
+++ b/arch/x86/include/asm/page.h
@@ -7,6 +7,7 @@
#ifdef __KERNEL__
#include <asm/page_types.h>
+#include <asm/kasan.h>
#ifdef CONFIG_X86_64
#include <asm/page_64.h>
@@ -65,6 +66,13 @@ static inline void copy_user_page(void *to, void *from, unsigned long vaddr,
* virt_to_page(kaddr) returns a valid pointer if and only if
* virt_addr_valid(kaddr) returns true.
*/
+
+#ifdef CONFIG_KASAN_SW_TAGS
+#define page_to_virt(x) ({ \
+ void *__addr = __va(page_to_pfn((struct page *)x) << PAGE_SHIFT); \
+ __tag_set(__addr, page_kasan_tag(x)); \
+})
+#endif
#define virt_to_page(kaddr) pfn_to_page(__pa(kaddr) >> PAGE_SHIFT)
extern bool __virt_addr_valid(unsigned long kaddr);
#define virt_addr_valid(kaddr) __virt_addr_valid((unsigned long) (kaddr))
diff --git a/arch/x86/include/asm/page_64.h b/arch/x86/include/asm/page_64.h
index 015d23f3e01f..b18fef43dd34 100644
--- a/arch/x86/include/asm/page_64.h
+++ b/arch/x86/include/asm/page_64.h
@@ -21,6 +21,7 @@ extern unsigned long direct_map_physmem_end;
static __always_inline unsigned long __phys_addr_nodebug(unsigned long x)
{
+ x = __tag_reset(x);
unsigned long y = x - __START_KERNEL_map;
/* use the carry flag to determine if x was < __START_KERNEL_map */
diff --git a/arch/x86/mm/physaddr.c b/arch/x86/mm/physaddr.c
index fc3f3d3e2ef2..d6aa3589c798 100644
--- a/arch/x86/mm/physaddr.c
+++ b/arch/x86/mm/physaddr.c
@@ -14,6 +14,7 @@
#ifdef CONFIG_DEBUG_VIRTUAL
unsigned long __phys_addr(unsigned long x)
{
+ x = __tag_reset(x);
unsigned long y = x - __START_KERNEL_map;
/* use the carry flag to determine if x was < __START_KERNEL_map */
@@ -46,6 +47,7 @@ EXPORT_SYMBOL(__phys_addr_symbol);
bool __virt_addr_valid(unsigned long x)
{
+ x = __tag_reset(x);
unsigned long y = x - __START_KERNEL_map;
/* use the carry flag to determine if x was < __START_KERNEL_map */
--
2.51.0
next prev parent reply other threads:[~2025-10-29 19:07 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-29 19:05 [PATCH v6 00/18] kasan: x86: arm64: KASAN tag-based mode for x86 Maciej Wieczor-Retman
2025-10-29 19:05 ` [PATCH v6 01/18] kasan: Unpoison pcpu chunks with base address tag Maciej Wieczor-Retman
2025-11-10 17:32 ` Alexander Potapenko
2025-11-17 17:51 ` Maciej Wieczór-Retman
2025-10-29 19:06 ` [PATCH v6 02/18] kasan: Unpoison vms[area] addresses with a common tag Maciej Wieczor-Retman
2025-11-10 16:40 ` Alexander Potapenko
2025-10-29 19:06 ` [PATCH v6 03/18] kasan: sw_tags: Use arithmetic shift for shadow computation Maciej Wieczor-Retman
2025-11-11 9:39 ` Alexander Potapenko
2025-11-17 18:27 ` Maciej Wieczór-Retman
2025-10-29 19:06 ` [PATCH v6 04/18] kasan: sw_tags: Support tag widths less than 8 bits Maciej Wieczor-Retman
2025-11-10 17:37 ` Alexander Potapenko
2025-11-17 18:35 ` Maciej Wieczór-Retman
2025-10-29 19:06 ` [PATCH v6 05/18] kasan: Fix inline mode for x86 tag-based mode Maciej Wieczor-Retman
2025-11-11 9:22 ` Alexander Potapenko
2025-10-29 19:07 ` [PATCH v6 06/18] x86/kasan: Add arch specific kasan functions Maciej Wieczor-Retman
2025-11-11 9:31 ` Alexander Potapenko
2025-11-17 18:41 ` Maciej Wieczór-Retman
2025-11-18 15:49 ` Maciej Wieczór-Retman
2025-10-29 19:07 ` [PATCH v6 07/18] kasan: arm64: x86: Make special tags arch specific Maciej Wieczor-Retman
2025-11-11 9:34 ` Alexander Potapenko
2025-10-29 19:07 ` Maciej Wieczor-Retman [this message]
2025-11-11 9:42 ` [PATCH v6 08/18] x86/mm: Reset tag for virtual to physical address conversions Alexander Potapenko
2025-10-29 19:07 ` [PATCH v6 09/18] mm/execmem: Untag addresses in EXECMEM_ROX related pointer arithmetic Maciej Wieczor-Retman
2025-11-11 9:13 ` Alexander Potapenko
2025-11-17 18:43 ` Maciej Wieczór-Retman
2025-10-29 20:07 ` [PATCH v6 10/18] x86/mm: Physical address comparisons in fill_p*d/pte Maciej Wieczor-Retman
2025-11-10 16:24 ` Alexander Potapenko
2025-11-17 18:58 ` Maciej Wieczór-Retman
2025-10-29 20:07 ` [PATCH v6 11/18] x86/kasan: KASAN raw shadow memory PTE init Maciej Wieczor-Retman
2025-11-11 9:11 ` Alexander Potapenko
2025-10-29 20:08 ` [PATCH v6 12/18] x86/mm: LAM compatible non-canonical definition Maciej Wieczor-Retman
2025-11-11 9:07 ` Alexander Potapenko
2025-10-29 20:08 ` [PATCH v6 13/18] x86/mm: LAM initialization Maciej Wieczor-Retman
2025-11-11 9:04 ` Alexander Potapenko
2025-10-29 20:09 ` [PATCH v6 14/18] x86: Minimal SLAB alignment Maciej Wieczor-Retman
2025-11-10 17:48 ` Alexander Potapenko
2025-11-18 11:36 ` Maciej Wieczor-Retman
2025-10-29 20:09 ` [PATCH v6 15/18] x86/kasan: Handle UD1 for inline KASAN reports Maciej Wieczor-Retman
2025-11-11 10:14 ` Alexander Potapenko
2025-11-11 10:27 ` Peter Zijlstra
2025-11-17 9:47 ` Maciej Wieczór-Retman
2025-11-18 20:35 ` Peter Zijlstra
2025-10-29 20:10 ` [PATCH v6 16/18] arm64: Unify software tag-based KASAN inline recovery path Maciej Wieczor-Retman
2025-11-11 9:02 ` Alexander Potapenko
2025-10-29 20:11 ` [PATCH v6 17/18] x86/kasan: Logical bit shift for kasan_mem_to_shadow Maciej Wieczor-Retman
2025-11-10 14:49 ` Marco Elver
2025-11-17 18:26 ` Maciej Wieczór-Retman
2025-10-29 20:11 ` [PATCH v6 18/18] x86/kasan: Make software tag-based kasan available Maciej Wieczor-Retman
2025-11-11 9:00 ` Alexander Potapenko
2025-11-18 11:48 ` Maciej Wieczor-Retman
2025-10-29 22:08 ` [PATCH v6 00/18] kasan: x86: arm64: KASAN tag-based mode for x86 Andrew Morton
2025-10-29 23:13 ` Andrew Morton
2025-10-30 5:31 ` Maciej Wieczór-Retman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d030a07c956c1e7cbf8cd44d6b42120baaa41723.1761763681.git.m.wieczorretman@pm.me \
--to=m.wieczorretman@pm.me \
--cc=Liam.Howlett@oracle.com \
--cc=ada.coupriediaz@arm.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@gmail.com \
--cc=ardb@kernel.org \
--cc=baohua@kernel.org \
--cc=bigeasy@linutronix.de \
--cc=bp@alien8.de \
--cc=brgerst@gmail.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=david@redhat.com \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=fujita.tomonori@gmail.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=jan.kiszka@siemens.com \
--cc=jeremy.linton@arm.com \
--cc=jhubbard@nvidia.com \
--cc=jpoimboe@kernel.org \
--cc=justinstitt@google.com \
--cc=kaleshsingh@google.com \
--cc=kas@kernel.org \
--cc=kasan-dev@googlegroups.com \
--cc=kbingham@kernel.org \
--cc=kees@kernel.org \
--cc=leitao@debian.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=llvm@lists.linux.dev \
--cc=lorenzo.stoakes@oracle.com \
--cc=luto@kernel.org \
--cc=maciej.wieczor-retman@intel.com \
--cc=mark.rutland@arm.com \
--cc=maz@kernel.org \
--cc=mhocko@suse.com \
--cc=mingo@redhat.com \
--cc=morbo@google.com \
--cc=nathan@kernel.org \
--cc=nick.desaulniers+lkml@gmail.com \
--cc=nicolas.schier@linux.dev \
--cc=ojeda@kernel.org \
--cc=pankaj.gupta@amd.com \
--cc=pasha.tatashin@soleen.com \
--cc=peterz@infradead.org \
--cc=rppt@kernel.org \
--cc=ryabinin.a.a@gmail.com \
--cc=samuel.holland@sifive.com \
--cc=smostafa@google.com \
--cc=surenb@google.com \
--cc=tglx@linutronix.de \
--cc=thuth@redhat.com \
--cc=trintaeoitogc@gmail.com \
--cc=ubizjak@gmail.com \
--cc=urezki@gmail.com \
--cc=vbabka@suse.cz \
--cc=vincenzo.frascino@arm.com \
--cc=wangkefeng.wang@huawei.com \
--cc=will@kernel.org \
--cc=x86@kernel.org \
--cc=xin@zytor.com \
--cc=yeoreum.yun@arm.com \
--cc=ziy@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox