On Wed, 2 Jun 2021 16:52:26 -0700, Peter Collingbourne wrote:
> Currently we can end up touching PROT_MTE user pages twice on fault
> and once on unmap. On fault, with KASAN disabled we first clear data
> and then set tags to 0, and with KASAN enabled we simultaneously
> clear data and set tags to the KASAN random tag, and then set tags
> again to 0. On unmap, we poison the page by setting tags, but this
> is less likely to find a bug than poisoning kernel pages.
>
> [...]
Applied to arm64 (for-next/mte), thanks!
[1/4] mm: arch: remove indirection level in alloc_zeroed_user_highpage_movable()
https://git.kernel.org/arm64/c/92638b4e1b47
[2/4] kasan: use separate (un)poison implementation for integrated init
https://git.kernel.org/arm64/c/7a3b83537188
[3/4] arm64: mte: handle tags zeroing at page allocation time
https://git.kernel.org/arm64/c/013bb59dbb7c
[4/4] kasan: disable freed user page poisoning with HW tags
https://git.kernel.org/arm64/c/c275c5c6d50a
Cheers,
--
Will
https://fixes.arm64.dev
https://next.arm64.dev
https://will.arm64.dev
