Re: [PATCH v9 29/29] arm64: mte: Add Memory Tagging Extension documentation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The 09/22/2020 17:55, Catalin Marinas wrote:
> On Tue, Sep 22, 2020 at 04:52:49PM +0100, Szabolcs Nagy wrote:
> > if we add a kernel level opt-in mechanism for tag checks later (e.g.
> > elf marking) or if the settings are exclusively owned by early libc
> > code then i think the proposed abi is ok (this is our current
> > agreement and works as long as no late runtime change is needed to the
> > settings).
> 
> In the Android case, run-time changes to the tag checking mode I think
> are expected (usually via signal handlers), though per-thread.

ok that works, but does not help allocators or
runtimes that don't own the signal handlers.

> > i'm now wondering about the default tag check mode: it may be better
> > to enable sync tag checks in the kernel. it's not clear to me what
> > would break with that. this is probably late to discuss now and libc
> > would need ways to override the default no matter what, but i'd like
> > to know if somebody sees problems or risks with unconditional sync tag
> > checks turned on (sorry i don't remember if we went through this
> > before). i assume it would have no effect on a process that never uses
> > PROT_MTE.
> 
> I don't think it helps much. We already have a requirement that to be
> able to pass tagged pointers to kernel syscalls, the user needs a
> prctl(PR_TAGGED_ADDR_ENABLE) call (code already in mainline). Using
> PROT_MTE without tagged pointers won't be of much use. So if we are to
> set different tag check defaults, we should also enable the tagged addr
> ABI automatically.
> 
> That said, I still have a preference for MTE and tagged addr ABI to be
> explicitly requested by the (human) user either via environment
> variables or marked in an ELF note as "safe with/using tags". Given the
> recent mremap() issue we caused in glibc, I'm worried that other things
> may break with enabling the tagged addr ABI everywhere.
> 
> Another aspect is that sync mode by default in a distro where glibc is
> MTE-aware will lead to performance regressions. That's another case in
> favour of the user explicitly asking for tag checking.

ok this all makes sense to me.

> 
> Anyway, I'm open to having a debate on changing the defaults.
> 
> -- 
> Catalin



[Index of Archives]     [Linux Kernel]     [Kernel Newbies]     [x86 Platform Driver]     [Netdev]     [Linux Wireless]     [Netfilter]     [Bugtraq]     [Linux Filesystems]     [Yosemite Discussion]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Device Mapper]

  Powered by Linux