Date: Thu, 7 Aug 2025 19:18:21 +0100
From: Andrew Turner <andrew@FreeBSD.org>
To: Jessica Clarke <jrtc27@freebsd.org>
Cc: "src-committers@freebsd.org" <src-committers@FreeBSD.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@FreeBSD.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@FreeBSD.org>
Subject: Re: git: 81f07332c03f - main - arm64: tidy up Top-Byte-Ignore (TBI) in the kernel
Message-ID: <6BCAD216-03E1-4DA3-B0BB-542366F003DB@FreeBSD.org>
In-Reply-To: <BA3B207C-6D34-4748-AE4D-DCD5AFA27789@freebsd.org>
References: <202508061738.576Hc0wZ076618@gitrepo.freebsd.org> <BA3B207C-6D34-4748-AE4D-DCD5AFA27789@freebsd.org>

> On 6 Aug 2025, at 18:43, Jessica Clarke <jrtc27@freebsd.org> wrote:
>
> On 6 Aug 2025, at 18:38, Andrew Turner <andrew@freebsd.org> wrote:
>>
>> The branch main has been updated by andrew:
>>
>> URL: https://cgit.FreeBSD.org/src/commit/?id=81f07332c03fd2ac6efa8e15b1659a573d250329
>>
>> commit 81f07332c03fd2ac6efa8e15b1659a573d250329
>> Author:     Harry Moulton <harry.moulton@arm.com>
>> AuthorDate: 2025-07-31 14:10:57 +0000
>> Commit:     Andrew Turner <andrew@FreeBSD.org>
>> CommitDate: 2025-07-31 14:27:06 +0000
>>
>>     arm64: tidy up Top-Byte-Ignore (TBI) in the kernel
>>
>>     In preparation for TBI to be enabled for processes from 15.0 we need
>>     to clean up copying data between userspace and the kernel. These
>>     functions will check the address is within the valid userspace range,
>>     however as the userspace and kernel ranges may overlap when TBI is
>>     enabled we need to mask off the top 8 bits.
>>
>>     Processes not using TBI are unaffected as the hardware will still
>>     check all bits in the address, however this will happen at the first
>>     load/store instruction.
>
> I thought Linux’s ABI was that addresses passed to the kernel must be
> canonical. Is that false, or is there a reason we’re diverging from
> that design choice?

On Linux there is a flag to enable passing tagged pointers to the kernel. It’s needed for HWASAN to work as any pointers may be tagged, and I expect it will also be needed for MTE.

I don’t know of a strong reason to not allow tagged pointers in the kernel.

Andrew
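
An added example, not part of the original message or of the FreeBSD commit: a user-address range check in C, on the raw pointer value and after masking the top 8 bits as the quoted commit message describes. The 48-bit user address limit, the `ex_`/`EX_` names and the sample addresses are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption for this example: 48-bit user VA space, so valid user
 * addresses are below 1 << 48. Hypothetical name, not from the commit. */
#define EX_USER_VA_END  (UINT64_C(1) << 48)
/* With TBI the hardware ignores bits 63:56 when translating an address. */
#define EX_TBI_TAG_MASK (UINT64_C(0xff) << 56)

/* Clear the tag byte, leaving bits 55:0 untouched. */
static uint64_t ex_strip_tag(uint64_t addr)
{
    return addr & ~EX_TBI_TAG_MASK;
}

/* Check [addr, addr + len) against the user range using the raw value.
 * Written so that addr + len cannot wrap around. */
static bool ex_range_ok_raw(uint64_t addr, uint64_t len)
{
    return addr < EX_USER_VA_END && len <= EX_USER_VA_END - addr;
}

/* Same check after masking the tag. Kernel addresses still fail because
 * their bits 55:48 are set, which the mask does not clear. */
static bool ex_range_ok_tbi(uint64_t addr, uint64_t len)
{
    return ex_range_ok_raw(ex_strip_tag(addr), len);
}

int main(void)
{
    /* Constructed sample addresses, not taken from any real process. */
    const struct { const char *what; uint64_t addr; } s[] = {
        { "untagged user",       UINT64_C(0x0000000012345000) },
        { "tagged user (0x2a)",  UINT64_C(0x2a00000012345000) },
        { "kernel",              UINT64_C(0xffff000000001000) },
        { "tagged, bit 55 set",  UINT64_C(0x2a80000000001000) },
    };
    for (size_t i = 0; i < sizeof(s) / sizeof(s[0]); i++)
        printf("%-20s %#018llx raw=%d masked=%d\n", s[i].what,
            (unsigned long long)s[i].addr,
            ex_range_ok_raw(s[i].addr, 64), ex_range_ok_tbi(s[i].addr, 64));
    return 0;
}
```

Only the tagged user pointer changes result between the two checks; the kernel address and the tagged address with bit 55 set are rejected either way.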