From: Richard Henderson <richard.henderson@linaro.org>
To: "Alex Bennée" <alex.bennee@linaro.org>
Cc: 1921948@bugs.launchpad.net, qemu-arm@nongnu.org, qemu-devel@nongnu.org
Subject: Re: [PATCH v4 03/12] target/arm: Fix mte_checkN
Date: Wed, 7 Apr 2021 12:56:17 -0700 [thread overview]
Message-ID: <ade8e2d3-e1a6-3b84-7850-ceb4bcd59758@linaro.org> (raw)
In-Reply-To: <877dleuds3.fsf@linaro.org>
On 4/7/21 11:39 AM, Alex Bennée wrote:
>
> Richard Henderson <richard.henderson@linaro.org> writes:
>
>> We were incorrectly assuming that only the first byte of an MTE access
>> is checked against the tags. But per the ARM, unaligned accesses are
>> pre-decomposed into single-byte accesses. So by the time we reach the
>> actual MTE check in the ARM pseudocode, all accesses are aligned.
>>
>> Therefore, the first failure is always either the first byte of the
>> access, or the first byte of the granule.
>>
>> In addition, some of the arithmetic is off for last-first -> count.
>> This does not become directly visible until a later patch that passes
>> single bytes into this function, so ptr == ptr_last.
>>
>> Buglink: https://bugs.launchpad.net/bugs/1921948
>
> Minor note: you can Cc: Bug 1921948 <1921948@bugs.launchpad.net> to
> automatically copy patches to the appropriate bugs which is useful if
> you don't have the Cc for the reporter.
>
> Anyway I'm trying to get the kasas unit tests running as a way of
> testing this (and maybe expanding with a version of Andrey's test). I
> suspect this may be a PEBCAC issue but I built an MTE enabled kernel
> with:
>
> CONFIG_HAVE_ARCH_KASAN=y
> CONFIG_HAVE_ARCH_KASAN_SW_TAGS=y
> CONFIG_HAVE_ARCH_KASAN_HW_TAGS=y
> CONFIG_CC_HAS_KASAN_GENERIC=y
> CONFIG_KASAN=y
> # CONFIG_KASAN_GENERIC is not set
> CONFIG_KASAN_HW_TAGS=y
> CONFIG_KASAN_STACK=1
> CONFIG_KASAN_KUNIT_TEST=m
> CONFIG_TEST_KASAN_MODULE=m
I built it all in:
CONFIG_HAVE_ARCH_KASAN=y
CONFIG_HAVE_ARCH_KASAN_SW_TAGS=y
CONFIG_HAVE_ARCH_KASAN_HW_TAGS=y
CONFIG_CC_HAS_KASAN_GENERIC=y
CONFIG_KASAN=y
# CONFIG_KASAN_GENERIC is not set
CONFIG_KASAN_HW_TAGS=y
CONFIG_KASAN_KUNIT_TEST=y
Then I just boot the raw kernel (no filesystem or anything):
./qemu-system-aarch64 -M virt,mte=on -cpu max -nographic \
-kernel ~/linux/bld-aa/arch/arm64/boot/Image
There's a ton of output, but at the end I see
[ 11.901185] ok 48 - match_all_mem_tag
[ 11.901422] ok 1 - kasan
just before the "VFS: Cannot open root device" panic.
Which has done all we wanted, so, yay.
r~
next prev parent reply other threads:[~2021-04-07 19:57 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-06 17:40 [PATCH v4 00/12] target/arm mte fixes Richard Henderson
2021-04-06 17:40 ` [PATCH v4 01/12] accel/tcg: Preserve PAGE_ANON when changing page permissions Richard Henderson
2021-04-07 13:55 ` Alex Bennée
2021-04-06 17:40 ` [PATCH v4 02/12] target/arm: Check PAGE_WRITE_ORG for MTE writeability Richard Henderson
2021-04-07 15:34 ` Alex Bennée
2021-04-06 17:40 ` [PATCH v4 03/12] target/arm: Fix mte_checkN Richard Henderson
2021-04-07 18:39 ` Alex Bennée
2021-04-07 18:39 ` [Bug 1921948] " Alex Bennée
2021-04-07 19:56 ` Richard Henderson [this message]
2021-04-08 8:36 ` Alex Bennée
2021-04-08 8:36 ` [Bug 1921948] " Alex Bennée
2021-04-08 8:50 ` Peter Maydell
2021-04-08 8:50 ` [Bug 1921948] " Peter Maydell
2021-04-08 10:02 ` Alex Bennée
2021-04-08 10:02 ` [Bug 1921948] " Alex Bennée
2021-04-06 17:40 ` [PATCH v4 04/12] target/arm: Split out mte_probe_int Richard Henderson
2021-04-08 9:01 ` Alex Bennée
2021-04-06 17:40 ` [PATCH v4 05/12] target/arm: Fix unaligned checks for mte_check1, mte_probe1 Richard Henderson
2021-04-08 9:05 ` Alex Bennée
2021-04-06 17:40 ` [PATCH v4 06/12] test/tcg/aarch64: Add mte-5 Richard Henderson
2021-04-08 9:07 ` Alex Bennée
2021-04-06 17:40 ` [PATCH v4 07/12] target/arm: Replace MTEDESC ESIZE+TSIZE with SIZEM1 Richard Henderson
2021-04-08 11:08 ` Alex Bennée
2021-04-06 17:40 ` [PATCH v4 08/12] target/arm: Merge mte_check1, mte_checkN Richard Henderson
2021-04-08 11:10 ` Alex Bennée
2021-04-06 17:40 ` [PATCH v4 09/12] target/arm: Rename mte_probe1 to mte_probe Richard Henderson
2021-04-08 11:10 ` Alex Bennée
2021-04-06 17:40 ` [PATCH v4 10/12] target/arm: Simplify sve mte checking Richard Henderson
2021-04-08 11:23 ` Alex Bennée
2021-04-06 17:40 ` [PATCH v4 11/12] target/arm: Remove log2_esize parameter to gen_mte_checkN Richard Henderson
2021-04-08 11:35 ` Alex Bennée
2021-04-06 17:40 ` [PATCH v4 12/12] exec: Fix overlap of PAGE_ANON and PAGE_TARGET_1 Richard Henderson
2021-04-06 18:21 ` Laurent Vivier
2021-04-06 19:36 ` Laurent Vivier
2021-04-07 17:16 ` Alex Bennée
2021-04-07 21:33 ` Nathan Chancellor
2021-04-06 17:57 ` [PATCH v4 00/12] target/arm mte fixes no-reply
2021-04-08 12:47 ` Peter Maydell
2021-04-08 14:25 ` Richard Henderson
2021-04-09 9:53 ` Peter Maydell
-- strict thread matches above, loose matches on Subject: below --
2021-03-30 19:34 [Bug 1921948] [NEW] MTE tags not checked properly for unaligned accesses at EL1 Andrey Konovalov
2021-03-30 23:22 ` [Bug 1921948] " Richard Henderson
2021-03-30 23:32 ` Peter Collingbourne
2021-03-31 6:44 ` Richard Henderson
2021-04-02 15:41 ` Richard Henderson
2021-04-02 16:17 ` Andrey Konovalov
2021-04-02 16:31 ` Richard Henderson
2021-04-03 14:34 ` Andrey Konovalov
2021-04-07 20:17 ` Andrey Konovalov
2021-04-07 20:46 ` Alex Bennée
2021-04-07 20:58 ` Andrey Konovalov
2021-04-07 21:29 ` Alex Bennée
2021-04-07 21:29 ` Alex Bennée
2021-04-07 21:45 ` Alex Bennée
2021-04-07 21:45 ` Alex Bennée
2021-04-07 21:19 ` Richard Henderson
2021-04-07 22:02 ` Andrey Konovalov
2021-05-06 18:39 ` Richard Henderson
2021-05-22 5:12 ` Peter Collingbourne
2021-05-22 5:17 ` Peter Collingbourne
2021-05-26 19:55 ` Vitaly Buka
2021-06-10 2:28 ` Peter Collingbourne
2021-06-10 6:06 ` Thomas Huth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ade8e2d3-e1a6-3b84-7850-ceb4bcd59758@linaro.org \
--to=richard.henderson@linaro.org \
--cc=1921948@bugs.launchpad.net \
--cc=alex.bennee@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.