On Wed, May 12, 2021 at 1:09 PM Peter Collingbourne <pcc@xxxxxxxxxx> wrote:
>
> Currently we can end up touching PROT_MTE user pages twice on fault
> and once on unmap. On fault, with KASAN disabled we first clear data
> and then set tags to 0, and with KASAN enabled we simultaneously
> clear data and set tags to the KASAN random tag, and then set tags
> again to 0. On unmap, we poison the page by setting tags, but this
> is less likely to find a bug than poisoning kernel pages.
>
> This patch series fixes these inefficiencies by only touching the pages
> once on fault using the DC GZVA instruction to clear both data and
> tags, and providing the option to avoid poisoning user pages on free.
>
> Peter Collingbourne (3):
>   kasan: use separate (un)poison implementation for integrated init
>   arm64: mte: handle tags zeroing at page allocation time
>   kasan: allow freed user page poisoning to be disabled with HW tags

Thanks Catalin for reviewing patch 2. Could someone on the KASAN side
please take a look at patches 1 and 3?

I imagine that we'll want this series to go in via the mm tree once
it's ready.

Peter