On Tue, Jun 11, 2019 at 5:01 PM Catalin Marinas <catalin.marinas@xxxxxxx> wrote:
>
> On Mon, Jun 03, 2019 at 06:55:18PM +0200, Andrey Konovalov wrote:
> > This patch is a part of a series that extends arm64 kernel ABI to allow to
> > pass tagged user pointers (with the top byte set to something else other
> > than 0x00) as syscall arguments.
> >
> > This patch adds a simple test, that calls the uname syscall with a
> > tagged user pointer as an argument. Without the kernel accepting tagged
> > user pointers the test fails with EFAULT.
> >
> > Signed-off-by: Andrey Konovalov <andreyknvl@xxxxxxxxxx>
>
> BTW, you could add
>
> Co-developed-by: Catalin Marinas <catalin.marinas@xxxxxxx>
>
> since I wrote the malloc() etc. hooks.

Sure!

> >
> > +static void *tag_ptr(void *ptr)
> > +{
> > + unsigned long tag = rand() & 0xff;
> > + if (!ptr)
> > + return ptr;
> > + return (void *)((unsigned long)ptr | (tag << TAG_SHIFT));
> > +}
>
> With the prctl() option, this function becomes (if you have a better
> idea, fine by me):
>
> ----------8<---------------
> #include <stdlib.h>
> #include <sys/prctl.h>
>
> #define TAG_SHIFT	(56)
> #define TAG_MASK	(0xffUL << TAG_SHIFT)
>
> #define PR_SET_TAGGED_ADDR_CTRL	55
> #define PR_GET_TAGGED_ADDR_CTRL	56
> # define PR_TAGGED_ADDR_ENABLE	(1UL << 0)
>
> void *__libc_malloc(size_t size);
> void __libc_free(void *ptr);
> void *__libc_realloc(void *ptr, size_t size);
> void *__libc_calloc(size_t nmemb, size_t size);
>
> static void *tag_ptr(void *ptr)
> {
> 	static int tagged_addr_err = 1;
> 	unsigned long tag = 0;
>
> 	if (tagged_addr_err == 1)
> 		tagged_addr_err = prctl(PR_SET_TAGGED_ADDR_CTRL,
> 					PR_TAGGED_ADDR_ENABLE, 0, 0, 0);

I think this requires atomics. malloc() can be called from multiple threads.

>
> 	if (!ptr)
> 		return ptr;
> 	if (!tagged_addr_err)
> 		tag = rand() & 0xff;
>
> 	return (void *)((unsigned long)ptr | (tag << TAG_SHIFT));
> }
>
> --
> Catalin
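
Review bot: in the quoted tag_ptr() hunk, "rand() & 0xff" yields tag 0 for roughly one call in 256, and OR-ing in a zero tag returns the pointer unchanged, so that pointer reaches the syscall untagged and does not exercise the path the test is meant to cover. Consider drawing a non-zero tag, for example "tag = 1 + rand() % 0xff;". The tag is also drawn before the "if (!ptr)" check, so the NULL case consumes a rand() value it never uses; putting the check first would be tidier.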
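
Added example (not part of the thread and not the patch authors' code): one way to address the reply's point that malloc() can be called from multiple threads, using C11 atomics for the one-time prctl() probe. The names tagging_enabled(), tagged_addr_state and the TAG_UNKNOWN/TAG_ON/TAG_OFF states are hypothetical; it assumes a 64-bit Linux target and that the result of the first prctl() call holds for every thread that later calls tag_ptr().

```c
#include <stdatomic.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>

#define TAG_SHIFT	(56)
#define TAG_MASK	(0xffUL << TAG_SHIFT)
#ifndef PR_SET_TAGGED_ADDR_CTRL	/* values from the quoted message */
#define PR_SET_TAGGED_ADDR_CTRL	55
#define PR_TAGGED_ADDR_ENABLE	(1UL << 0)
#endif

/* Hypothetical names: tri-state result of the one-time prctl() probe. */
enum { TAG_UNKNOWN, TAG_ON, TAG_OFF };
static atomic_int tagged_addr_state = TAG_UNKNOWN;

/* Returns 1 if the kernel accepted PR_TAGGED_ADDR_ENABLE, 0 otherwise. */
static int tagging_enabled(void)
{
	int state = atomic_load(&tagged_addr_state);
	if (state == TAG_UNKNOWN) {
		int expected = TAG_UNKNOWN;
		int err = prctl(PR_SET_TAGGED_ADDR_CTRL, PR_TAGGED_ADDR_ENABLE,
				0UL, 0UL, 0UL);
		/* Racing threads may each call prctl(); the first result is
		 * published and the losers adopt it via 'expected'. */
		state = err ? TAG_OFF : TAG_ON;
		if (!atomic_compare_exchange_strong(&tagged_addr_state, &expected, state))
			state = expected;
	}
	return state == TAG_ON;
}

static void *tag_ptr(void *ptr)
{
	unsigned long tag = 0;
	if (!ptr)
		return ptr;
	if (tagging_enabled())	/* tag only once the kernel has agreed */
		tag = rand() & 0xff;
	return (void *)((unsigned long)ptr | (tag << TAG_SHIFT));
}

int main(void)
{
	int x = 0;
	printf("%p -> %p\n", (void *)&x, tag_ptr(&x));
	return 0;
}
```

On a kernel that rejects the prctl() option the state settles at TAG_OFF and tag_ptr() returns pointers unchanged.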