| Message ID | 20210924165338.2326917-1-hjl.tools@gmail.com |
|---|---|
| Headers |
Return-Path: <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org> X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 4A2BE3858003 for <patchwork@sourceware.org>; Fri, 24 Sep 2021 16:54:11 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 4A2BE3858003 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1632502451; bh=OxYfrty98J55AhFUo0CaeDtXAILLgq1yCaqMl57hVRk=; h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:Cc:From; b=PhF1KtECBh/QfmJPqidgkMsxw44angIpvV4D+6gk0p6ixADwbU8nWaCzW/y6WnLXI 8l+g+Fs41PU1rmCTrF3N12FsxLKhG/Oz/MNBeJDTI7O2Wbl2B+zcNUVzjRy+feLIfW 2llxRANJa/rnXojw6YGZYY/RsztQe4xhyKUN27P8= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) by sourceware.org (Postfix) with ESMTPS id 4D25B3858C60 for <libc-alpha@sourceware.org>; Fri, 24 Sep 2021 16:53:49 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 4D25B3858C60 Received: by mail-pf1-x431.google.com with SMTP id 145so9375193pfz.11 for <libc-alpha@sourceware.org>; Fri, 24 Sep 2021 09:53:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=OxYfrty98J55AhFUo0CaeDtXAILLgq1yCaqMl57hVRk=; b=domMfQvmh60pNFgSiAI58jQMhiVGMeV9C3oABegHWfKx73Zsrbn9258yjiiFnsCUNR GCAHzljlqH1ISW+y0Gx56T51Pg+RcftRFiHPxva3MBh1spDDuVjAdhn86zmIuHJ+yvjN OylXTVzF2AWdoRVS3WagT99hFsX9Cq7vRAhOE2m97Z43batwdh3sqviJmm7duQ07i6n+ vIDO8ETEqbHSLQ3bNL48RCa6Ir66afKv6a/r1kh+vKUv0yVcB1VaZlT4EyxhZwhUpYAt fvxEz6ZM3bFRoS0CdFN5gkzd+8xLNh4mAbV8XSo0DEmbnWisfoohzIx/PYDgcsJHHBP5 byeg== X-Gm-Message-State: AOAM530WiUhABaBZD9CZfqL9UCSbMyR0mP2DyM2/x7YOfG8tJQtdxTAk fUFIwMVfeZDAfEWX1cp1Lvil+JL0nkU= X-Google-Smtp-Source: ABdhPJwQ/xcNbYQxSyjYbFgA9lBWx8xNO2yj5Ln9l18ptYiB9wSGyGThF2l+YwKAAMLv4AON+L/+ow== X-Received: by 2002:a63:f84f:: with SMTP id v15mr4647176pgj.204.1632502428388; Fri, 24 Sep 2021 09:53:48 -0700 (PDT) Received: from gnu-gram-1.localdomain (cpe-76-173-15-247.hawaii.res.rr.com. [76.173.15.247]) by smtp.gmail.com with ESMTPSA id y15sm9714400pfq.32.2021.09.24.09.53.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Sep 2021 09:53:48 -0700 (PDT) Received: from gnu-gram-1.localdomain (localhost [IPv6:::1]) by gnu-gram-1.localdomain (Postfix) with ESMTP id 8CC7AE0072; Fri, 24 Sep 2021 09:53:45 -0700 (PDT) To: libc-alpha@sourceware.org Subject: [PATCH v7 0/1] RFC: Add <sys/tagged-address.h> Date: Fri, 24 Sep 2021 09:53:37 -0700 Message-Id: <20210924165338.2326917-1-hjl.tools@gmail.com> X-Mailer: git-send-email 2.31.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-3026.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org> List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>, <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe> List-Archive: <https://sourceware.org/pipermail/libc-alpha/> List-Post: <mailto:libc-alpha@sourceware.org> List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help> List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>, <mailto:libc-alpha-request@sourceware.org?subject=subscribe> From: "H.J. Lu via Libc-alpha" <libc-alpha@sourceware.org> Reply-To: "H.J. Lu" <hjl.tools@gmail.com> Cc: Florian Weimer <fweimer@redhat.com>, Szabolcs Nagy <szabolcs.nagy@arm.com>, Joseph Myers <joseph@codesourcery.com>, "Kirill A . Shutemov" <kirill.shutemov@linux.intel.com> Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org> |
| Series |
RFC: Add <sys/tagged-address.h>
|
|
Message
H.J. Lu
Sept. 24, 2021, 4:53 p.m. UTC
Changes in v7: 1. Move set_translated_address_mask to libc_nonshared.a. Changes in v6: 1. Update and simplify the API by only exporting: /* Set the mask for address bits used in address translation. Return 0 on success. Return -1 on error. */ extern int set_translated_address_mask (uintptr_t __mask); /* Non-zero if constant address BITS is a valid tagged address bits. */ #define TRANSLATED_ADDRESS_VALID_BITS(BITS) /* A mask for constant address BITS used in address translation. */ #define TRANSLATED_ADDRESS_MASK(BITS) 2. Properly use _Static_assert for C and static_assert for C++. Changes in v5: Add restrictions: 1. All bits between 0 and N - 1, where N is the number of tagged address bits, are used in address translation. 2. All pointers participating in a pointer arithmetic operation should have the same tag if they point to the same memory object so that pointer equality operation can be performed on tagged pointers. Changes in v4: 1. Document that the zero return value from get_tagged_address_bits indicates that tag bits are not the highest bits in address. 2. Document that the zero value of TAGGED_ADDRESS_MASK indicates the invalid address mask. 3. Add <bits/tagged-address-mask.h> to provide TAGGED_ADDRESS_MASK. 4. Add C++ support to TAGGED_ADDRESS_MASK. Changes in v3: 1. set_tagged_address_mask can be only called once before main. 2. Add more tests. --- By default, the number of the address bits used in address translation is the number of address bits. But it can be changed by ARM Top-byte Ignore (TBI) or Intel Linear Address Masking (LAM). <sys/tagged-address.h> provides an API for tagged address manipulation. H.J. Lu (1): <sys/tagged-address.h>: An API for tagged address NEWS | 2 + bits/tagged-address-mask.h | 47 +++++++++++++++++++++ bits/tagged-address-valid-bits.h | 28 +++++++++++++ csu/libc-start.c | 3 ++ elf/dl-support.c | 5 +++ include/sys/tagged-address.h | 19 +++++++++ manual/Makefile | 3 +- manual/ctype.texi | 2 +- manual/memory.texi | 2 +- manual/tagged-address.texi | 48 +++++++++++++++++++++ misc/Makefile | 48 ++++++++++++++++++--- misc/set-translated-address-mask.c | 49 ++++++++++++++++++++++ misc/sys/tagged-address.h | 33 +++++++++++++++ misc/tagged-address.c | 50 ++++++++++++++++++++++ misc/tst-tagged-address-1-static.c | 1 + misc/tst-tagged-address-1.c | 55 +++++++++++++++++++++++++ misc/tst-tagged-address-2-static.c | 1 + misc/tst-tagged-address-2.c | 45 ++++++++++++++++++++ misc/tst-tagged-address-3-static.c | 1 + misc/tst-tagged-address-3.c | 48 +++++++++++++++++++++ misc/tst-tagged-address-4-static.c | 1 + misc/tst-tagged-address-4.c | 36 ++++++++++++++++ misc/tst-tagged-address-5.c | 25 +++++++++++ misc/tst-tagged-address-6.c | 34 +++++++++++++++ misc/tst-tagged-address-7.c | 41 ++++++++++++++++++ misc/tst-tagged-address-mod-5.c | 47 +++++++++++++++++++++ misc/tst-tagged-address-mod-6.c | 34 +++++++++++++++ misc/tst-tagged-address-mod-7.c | 35 ++++++++++++++++ sysdeps/generic/inline-tagged-address.h | 43 +++++++++++++++++++ sysdeps/generic/ldsodefs.h | 4 ++ 30 files changed, 782 insertions(+), 8 deletions(-) create mode 100644 bits/tagged-address-mask.h create mode 100644 bits/tagged-address-valid-bits.h create mode 100644 include/sys/tagged-address.h create mode 100644 manual/tagged-address.texi create mode 100644 misc/set-translated-address-mask.c create mode 100644 misc/sys/tagged-address.h create mode 100644 misc/tagged-address.c create mode 100644 misc/tst-tagged-address-1-static.c create mode 100644 misc/tst-tagged-address-1.c create mode 100644 misc/tst-tagged-address-2-static.c create mode 100644 misc/tst-tagged-address-2.c create mode 100644 misc/tst-tagged-address-3-static.c create mode 100644 misc/tst-tagged-address-3.c create mode 100644 misc/tst-tagged-address-4-static.c create mode 100644 misc/tst-tagged-address-4.c create mode 100644 misc/tst-tagged-address-5.c create mode 100644 misc/tst-tagged-address-6.c create mode 100644 misc/tst-tagged-address-7.c create mode 100644 misc/tst-tagged-address-mod-5.c create mode 100644 misc/tst-tagged-address-mod-6.c create mode 100644 misc/tst-tagged-address-mod-7.c create mode 100644 sysdeps/generic/inline-tagged-address.h
Comments
On Fri, 24 Sep 2021, H.J. Lu via Libc-alpha wrote: > Changes in v7: > > 1. Move set_translated_address_mask to libc_nonshared.a. Code in *_nonshared.a or crt*.o should include the LGPL exception wording: In addition to the permissions in the GNU Lesser General Public License, the Free Software Foundation gives you unlimited permission to link the compiled version of this file with other programs, and to distribute those programs without any restriction coming from the use of this file. (The GNU Lesser General Public License restrictions do apply in other respects; for example, they cover modification of the file, and distribution when not linked into another program.) Note that people who make modified versions of this file are not obligated to grant this special exception for their modified versions; it is their choice whether to do so. The GNU Lesser General Public License gives permission to release a modified version without this exception; this exception also makes it possible to release a modified version which carries forward this exception. (The point being that people linking with glibc should be able to meet their LGPL obligations by linking dynamically, without also needing to provide a way to relink with modified versions of the *_nonshared.a code.) Presumably when we get DCO contributions to such files we also need to adjust the exception wording accordingly regarding who gives the above permission.
On Fri, Sep 24, 2021 at 11:08 AM Joseph Myers <joseph@codesourcery.com> wrote: > > On Fri, 24 Sep 2021, H.J. Lu via Libc-alpha wrote: > > > Changes in v7: > > > > 1. Move set_translated_address_mask to libc_nonshared.a. > > Code in *_nonshared.a or crt*.o should include the LGPL exception wording: > > In addition to the permissions in the GNU Lesser General Public > License, the Free Software Foundation gives you unlimited > permission to link the compiled version of this file with other > programs, and to distribute those programs without any restriction > coming from the use of this file. (The GNU Lesser General Public > License restrictions do apply in other respects; for example, they > cover modification of the file, and distribution when not linked > into another program.) > > Note that people who make modified versions of this file are not > obligated to grant this special exception for their modified > versions; it is their choice whether to do so. The GNU Lesser > General Public License gives permission to release a modified > version without this exception; this exception also makes it > possible to release a modified version which carries forward this > exception. > > (The point being that people linking with glibc should be able to meet > their LGPL obligations by linking dynamically, without also needing to > provide a way to relink with modified versions of the *_nonshared.a code.) > > Presumably when we get DCO contributions to such files we also need to > adjust the exception wording accordingly regarding who gives the above > permission. > > -- > Joseph S. Myers > joseph@codesourcery.com I added the following change to set-translated-address-mask.c: @@ -6,6 +6,15 @@ License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. + In addition to the permissions in the GNU Lesser General Public + License, the Free Software Foundation gives you unlimited + permission to link the compiled version of this file with other + programs, and to distribute those programs without any restriction + coming from the use of this file. (The Lesser General Public + License restrictions do apply in other respects; for example, they + cover modification of the file, and distribution when not linked + into another program.) + The GNU C Library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
On Fri, 24 Sep 2021, H.J. Lu via Libc-alpha wrote: > > In addition to the permissions in the GNU Lesser General Public > > License, the Free Software Foundation gives you unlimited > > permission to link the compiled version of this file with other > > programs, and to distribute those programs without any restriction > > coming from the use of this file. (The GNU Lesser General Public > > License restrictions do apply in other respects; for example, they > > cover modification of the file, and distribution when not linked > > into another program.) > > > > Note that people who make modified versions of this file are not > > obligated to grant this special exception for their modified > > versions; it is their choice whether to do so. The GNU Lesser > > General Public License gives permission to release a modified > > version without this exception; this exception also makes it > > possible to release a modified version which carries forward this > > exception. > I added the following change to set-translated-address-mask.c: > > @@ -6,6 +6,15 @@ > License as published by the Free Software Foundation; either > version 2.1 of the License, or (at your option) any later version. > > + In addition to the permissions in the GNU Lesser General Public > + License, the Free Software Foundation gives you unlimited > + permission to link the compiled version of this file with other > + programs, and to distribute those programs without any restriction > + coming from the use of this file. (The Lesser General Public > + License restrictions do apply in other respects; for example, they > + cover modification of the file, and distribution when not linked > + into another program.) It's supposed to be both paragraphs quoted above, not just one.
On Fri, Sep 24, 2021 at 11:53 AM Joseph Myers <joseph@codesourcery.com> wrote: > > On Fri, 24 Sep 2021, H.J. Lu via Libc-alpha wrote: > > > > In addition to the permissions in the GNU Lesser General Public > > > License, the Free Software Foundation gives you unlimited > > > permission to link the compiled version of this file with other > > > programs, and to distribute those programs without any restriction > > > coming from the use of this file. (The GNU Lesser General Public > > > License restrictions do apply in other respects; for example, they > > > cover modification of the file, and distribution when not linked > > > into another program.) > > > > > > Note that people who make modified versions of this file are not > > > obligated to grant this special exception for their modified > > > versions; it is their choice whether to do so. The GNU Lesser > > > General Public License gives permission to release a modified > > > version without this exception; this exception also makes it > > > possible to release a modified version which carries forward this > > > exception. > > > I added the following change to set-translated-address-mask.c: > > > > @@ -6,6 +6,15 @@ > > License as published by the Free Software Foundation; either > > version 2.1 of the License, or (at your option) any later version. > > > > + In addition to the permissions in the GNU Lesser General Public > > + License, the Free Software Foundation gives you unlimited > > + permission to link the compiled version of this file with other > > + programs, and to distribute those programs without any restriction > > + coming from the use of this file. (The Lesser General Public > > + License restrictions do apply in other respects; for example, they > > + cover modification of the file, and distribution when not linked > > + into another program.) > > It's supposed to be both paragraphs quoted above, not just one. > > -- > Joseph S. Myers > joseph@codesourcery.com Here is the full text: /* Copyright (C) 2021 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. In addition to the permissions in the GNU Lesser General Public License, the Free Software Foundation gives you unlimited permission to link the compiled version of this file with other programs, and to distribute those programs without any restriction coming from the use of this file. (The Lesser General Public License restrictions do apply in other respects; for example, they cover modification of the file, and distribution when not linked into another program.) The GNU C Library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with the GNU C Library; if not, see <https://www.gnu.org/licenses/>. */ Does it look OK? If not, please attach the full text in your reply. Thanks.
On Fri, 24 Sep 2021, H.J. Lu via Libc-alpha wrote: > Here is the full text: > > /* Copyright (C) 2021 Free Software Foundation, Inc. > This file is part of the GNU C Library. > > The GNU C Library is free software; you can redistribute it and/or > modify it under the terms of the GNU Lesser General Public > License as published by the Free Software Foundation; either > version 2.1 of the License, or (at your option) any later version. > > In addition to the permissions in the GNU Lesser General Public > License, the Free Software Foundation gives you unlimited > permission to link the compiled version of this file with other > programs, and to distribute those programs without any restriction > coming from the use of this file. (The Lesser General Public > License restrictions do apply in other respects; for example, they > cover modification of the file, and distribution when not linked > into another program.) > > The GNU C Library is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > Lesser General Public License for more details. > > You should have received a copy of the GNU Lesser General Public > License along with the GNU C Library; if not, see > <https://www.gnu.org/licenses/>. */ > > Does it look OK? If not, please attach the full text in your reply. See stdlib/atexit.c, for example. You're missing the "Note that people who make modified versions of this file" paragraph.
On Fri, Sep 24, 2021 at 12:35 PM Joseph Myers <joseph@codesourcery.com> wrote: > > On Fri, 24 Sep 2021, H.J. Lu via Libc-alpha wrote: > > > Here is the full text: > > > > /* Copyright (C) 2021 Free Software Foundation, Inc. > > This file is part of the GNU C Library. > > > > The GNU C Library is free software; you can redistribute it and/or > > modify it under the terms of the GNU Lesser General Public > > License as published by the Free Software Foundation; either > > version 2.1 of the License, or (at your option) any later version. > > > > In addition to the permissions in the GNU Lesser General Public > > License, the Free Software Foundation gives you unlimited > > permission to link the compiled version of this file with other > > programs, and to distribute those programs without any restriction > > coming from the use of this file. (The Lesser General Public > > License restrictions do apply in other respects; for example, they > > cover modification of the file, and distribution when not linked > > into another program.) > > > > The GNU C Library is distributed in the hope that it will be useful, > > but WITHOUT ANY WARRANTY; without even the implied warranty of > > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > > Lesser General Public License for more details. > > > > You should have received a copy of the GNU Lesser General Public > > License along with the GNU C Library; if not, see > > <https://www.gnu.org/licenses/>. */ > > > > Does it look OK? If not, please attach the full text in your reply. > > See stdlib/atexit.c, for example. You're missing the "Note that people > who make modified versions of this file" paragraph. > Here is the updated full text: /* Copyright (C) 2021 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. In addition to the permissions in the GNU Lesser General Public License, the Free Software Foundation gives you unlimited permission to link the compiled version of this file with other programs, and to distribute those programs without any restriction coming from the use of this file. (The GNU Lesser General Public License restrictions do apply in other respects; for example, they cover modification of the file, and distribution when not linked into another program.) Note that people who make modified versions of this file are not obligated to grant this special exception for their modified versions; it is their choice whether to do so. The GNU Lesser General Public License gives permission to release a modified version without this exception; this exception also makes it possible to release a modified version which carries forward this exception. The GNU C Library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with the GNU C Library; if not, see <https://www.gnu.org/licenses/>. */ Thanks.
* H. J. Lu: > By default, the number of the address bits used in address translation > is the number of address bits. But it can be changed by ARM Top-byte > Ignore (TBI) or Intel Linear Address Masking (LAM). > > <sys/tagged-address.h> provides an API for tagged address manipulation. H.J., we had an off-list discussion regarding this, and I want to double-check if my recollection of the conclusion is correct. Basically, we said that we would try to enable HWSAN on x86-64 as well (using Intel LAM) *without* glibc changes or a new ABI. Once we have a better understanding of how address tagging is used/could be used by applications, we plan to define a general-purpose programming interface for it. Thanks, Florian
On Mon, Nov 15, 2021 at 5:34 AM Florian Weimer <fweimer@redhat.com> wrote: > > * H. J. Lu: > > > By default, the number of the address bits used in address translation > > is the number of address bits. But it can be changed by ARM Top-byte > > Ignore (TBI) or Intel Linear Address Masking (LAM). > > > > <sys/tagged-address.h> provides an API for tagged address manipulation. > > H.J., > > we had an off-list discussion regarding this, and I want to double-check > if my recollection of the conclusion is correct. > > Basically, we said that we would try to enable HWSAN on x86-64 as well > (using Intel LAM) *without* glibc changes or a new ABI. Once we have a > better understanding of how address tagging is used/could be used by > applications, we plan to define a general-purpose programming interface > for it. I withdrew this patch. My current LAM patch is https://gitlab.com/x86-glibc/glibc/-/commit/9d8fb211169fe677d3feca74aef5e87595f934ef I will submit it after the LAM kernel interface is finalized.