On Mon, Nov 02, 2020 at 08:09:44PM -0800, Peter Collingbourne wrote:
> The kernel currently clears the tag bits (i.e. bits 56-63) in the fault
> address exposed via siginfo.si_addr and sigcontext.fault_address. However,
> the tag bits may be needed by tools in order to accurately diagnose
> memory errors, such as HWASan [1] or future tools based on the Memory
> Tagging Extension (MTE).
>
> We should not stop clearing these bits in the existing fault address
> fields, because there may be existing userspace applications that are
> expecting the tag bits to be cleared. Instead, create a new pair of
> union fields in siginfo._sigfault, and store the tag bits of FAR_EL1
> there, together with a mask specifying which bits are valid.
This comment is slightly confusing as they are not union fields in
_sigfault.
> diff --git a/include/uapi/asm-generic/siginfo.h b/include/uapi/asm-generic/siginfo.h
> index f43778355b77..2b2ed0394457 100644
> --- a/include/uapi/asm-generic/siginfo.h
> +++ b/include/uapi/asm-generic/siginfo.h
> @@ -94,6 +94,8 @@ union __sifields {
> void *_pad[6];
> };
> __u32 _faultflags;
> + unsigned long _addr_tag_bits;
> + unsigned long _addr_tag_bits_mask;
> } _sigfault;
Can we not actually add these as a struct to the union? Do we expect the
other fields to be valid?
Also there's a 32-bit gap I mentioned on the previous patch between
_faultflags and _addr_tag_bits.
That said, I wonder whether we could solve this for MTE without new
fields by always setting the tag in si_addr when si_code is SEGV_MTE*.
Alternatively, we could add a prctl() bit to require tagged si_addr.
Well, I don't mind the _addr_tag_bits* fields if they are part of the
union and keep si_addr intact.
--
Catalin
