On 6/10/22 07:35, Kirill A. Shutemov wrote:
untagged_addr() is a helper used by the core-mm to strip tag bits and
get the address to the canonical shape. In only handles userspace
addresses. The untagging mask is stored in mmu_context and will be set
on enabling LAM for the process.
The tags must not be included into check whether it's okay to access the
userspace address.
Strip tags in access_ok().
What is the intended behavior for an access that spans a tag boundary?
Also, at the risk of a potentially silly question, why do we need to
strip the tag before access_ok()? With LAM, every valid tagged user
address is also a valid untagged address, right? (There is no
particular need to enforce the actual value of TASK_SIZE_MAX on
*access*, just on mmap.)
IOW, wouldn't it be sufficient, and probably better than what we have
now, to just check that the entire range has the high bit clear?
--Andy