On 7/23/19 10:58 AM, Andrey Konovalov wrote:
> +long set_tagged_addr_ctrl(unsigned long arg) > +{ > + if (!tagged_addr_prctl_allowed) > + return -EINVAL; > + if (is_compat_task()) > + return -EINVAL; > + if (arg & ~PR_TAGGED_ADDR_ENABLE) > + return -EINVAL; > + > + update_thread_flag(TIF_TAGGED_ADDR, arg & PR_TAGGED_ADDR_ENABLE); > + > + return 0; > +}

Instead of a plain enable/disable, a more flexible ABI would be to have the tag mask be passed in. That way, an implementation that has a flexible tag size can select it. It also ensures that userspace actually knows what the tag size is and isn't surprised if a hardware implementation changes the tag size or position.

Also, this whole set deals with tagging/untagging, but there's an effective loss of address space when you do this. Is that dealt with anywhere? How do we ensure that allocations don't get placed at a tagged address before this gets turned on? Where's that checking?
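Review bot: All three rejection paths in the quoted set_tagged_addr_ctrl() return -EINVAL, so a caller cannot tell whether the prctl is switched off (!tagged_addr_prctl_allowed), the task is a compat task, or reserved bits were set in arg. Consider a distinct error code for at least the "not allowed" case, or document the shared -EINVAL in a comment above the function so userspace knows a retry with a different argument will not help. The function also has no comment stating that update_thread_flag() sets TIF_TAGGED_ADDR on the calling thread only; a one-line note on that scope would help readers, since the prctl name alone does not say whether the setting is per-thread or per-process.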