Thread (62 messages) 62 messages, 8 authors, 2016-03-08

Re: [PATCH v2] sparc64: Add support for Application Data Integrity (ADI)

From: Khalid Aziz <hidden>
Date: 2016-03-07 18:23:34
Also in: linux-arch, linux-mm, lkml, sparclinux 

On 03/07/2016 11:08 AM, Andy Lutomirski wrote:
On Mon, Mar 7, 2016 at 10:04 AM, Khalid Aziz [off-list ref] wrote:
quoted
On 03/07/2016 09:56 AM, David Miller wrote:
quoted
From: Khalid Aziz <redacted>
Date: Mon, 7 Mar 2016 08:07:53 -0700
quoted
PR_GET_SPARC_ADICAPS

Put this into a new ELF auxiliary vector entry via ARCH_DLINFO.

So now all that's left is supposedly the TAG stuff, please explain
that to me so I can direct you to the correct existing interface to
provide that as well.

Really, try to avoid prtctl, it's poorly typed and almost worse than
ioctl().
The two remaining operations I am looking at are:

1. Is PSTATE.mcde bit set for the process? PR_SET_SPARC_ADI provides this in
its return value in the patch I sent.

2. Is TTE.mcd set for a given virtual address? PR_GET_SPARC_ADI_STATUS
provides this function in the patch I sent.

Setting and clearing version tags can be done entirely from userspace:

         while (addr < end) {
                 asm volatile(
                         "stxa %1, [%0]ASI_MCD_PRIMARY\n\t"
                         :
                         : "r" (addr), "r" (version));
                 addr += adicap.blksz;
         }
so I do not have to add any kernel code for tags.
Is the effect of that to change the tag associated with a page to
which the caller has write access?
No, it changes the tag associated with the virtual address for the 
caller. Physical page backing this virtual address is unaffected. Tag 
checking is done for virtual addresses. The one restriction where 
physical address is relevant is when two processes map the same physical 
page, they both have to use the same tag for the virtual addresses that 
map on to the shared physical pages.

I sense DoS issues in your future.
Are you concerned about DoS even if the tag is associated with virtual 
address, not physical address?

Thanks,
Khalid

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help