arm64/mte: Add userspace interface for enabling asymmetric mode

The architecture provides an asymmetric mode for MTE where tag mismatches
are checked asynchronously for stores but synchronously for loads. Allow
userspace processes to select this and make it available as a default mode
via the existing per-CPU sysfs interface.

Since there PR_MTE_TCF_ values are a bitmask (allowing the kernel to choose
between the multiple modes) and there are no free bits adjacent to the
existing PR_MTE_TCF_ bits the set of bits used to specify the mode becomes
disjoint. Programs using the new interface should be aware of this and
programs that do not use it will not see any change in behaviour.

When userspace requests two possible modes but the system default for the
CPU is the third mode (eg, default is synchronous but userspace requests
either asynchronous or asymmetric) the preference order is:

   ASYMM > ASYNC > SYNC

This situation is not currently possible since there are only two modes and
it is mandatory to have a system default so there could be no ambiguity and
there is no ABI change. The chosen order is basically arbitrary as we do not
have a clear metric for what is better here.

If userspace requests specifically asymmetric mode via the prctl() and the
system does not support it then we will return an error, this mirrors
how we handle the case where userspace enables MTE on a system that does
not support MTE at all and the behaviour that will be seen if running on
an older kernel that does not support userspace use of asymmetric mode.

Attempts to set asymmetric mode as the default mode will result in an error
if the system does not support it.

Signed-off-by: Mark Brown <broonie@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Vincenzo Frascino <Vincenzo.Frascino@arm.com>
Tested-by: Branislav Rankov <branislav.rankov@arm.com>
Link: https://lore.kernel.org/r/20220216173224.2342152-5-broonie@kernel.org
Signed-off-by: Will Deacon <will@kernel.org>

diff --git a/arch/arm64/include/asm/processor.h b/arch/arm64/include/asm/processor.h
index 6f41b65f9962806a99567a8485f175258ff9b6cd..73e38d9a540ce94451849f22161fc673c91638d5 100644 (file)
--- a/arch/arm64/include/asm/processor.h
+++ b/arch/arm64/include/asm/processor.h
@@ -21,6 +21,7 @@
 
 #define MTE_CTRL_TCF_SYNC              (1UL << 16)
 #define MTE_CTRL_TCF_ASYNC             (1UL << 17)
+#define MTE_CTRL_TCF_ASYMM             (1UL << 18)
 
 #ifndef __ASSEMBLY__
 

diff --git a/arch/arm64/kernel/mte.c b/arch/arm64/kernel/mte.c
index b9a2d13e85f6d21ac5ca1a03a3c7d9860f87f38d..cbbd8d93fc5022c62e4742fe7f34481c27c076db 100644 (file)
--- a/arch/arm64/kernel/mte.c
+++ b/arch/arm64/kernel/mte.c
@@ -215,7 +215,9 @@ static void mte_update_sctlr_user(struct task_struct *task)
         * set bits and map into register values determines our
         * default order.
         */
-       if (resolved_mte_tcf & MTE_CTRL_TCF_ASYNC)
+       if (resolved_mte_tcf & MTE_CTRL_TCF_ASYMM)
+               sctlr |= SCTLR_EL1_TCF0_ASYMM;
+       else if (resolved_mte_tcf & MTE_CTRL_TCF_ASYNC)
                sctlr |= SCTLR_EL1_TCF0_ASYNC;
        else if (resolved_mte_tcf & MTE_CTRL_TCF_SYNC)
                sctlr |= SCTLR_EL1_TCF0_SYNC;
@@ -309,6 +311,8 @@ long set_mte_ctrl(struct task_struct *task, unsigned long arg)
                mte_ctrl |= MTE_CTRL_TCF_ASYNC;
        if (arg & PR_MTE_TCF_SYNC)
                mte_ctrl |= MTE_CTRL_TCF_SYNC;
+       if (arg & PR_MTE_TCF_ASYMM)
+               mte_ctrl |= MTE_CTRL_TCF_ASYMM;
 
        task->thread.mte_ctrl = mte_ctrl;
        if (task == current) {
@@ -337,6 +341,8 @@ long get_mte_ctrl(struct task_struct *task)
                ret |= PR_MTE_TCF_ASYNC;
        if (mte_ctrl & MTE_CTRL_TCF_SYNC)
                ret |= PR_MTE_TCF_SYNC;
+       if (mte_ctrl & MTE_CTRL_TCF_ASYMM)
+               ret |= PR_MTE_TCF_ASYMM;
 
        return ret;
 }
@@ -484,6 +490,8 @@ static ssize_t mte_tcf_preferred_show(struct device *dev,
                return sysfs_emit(buf, "async\n");
        case MTE_CTRL_TCF_SYNC:
                return sysfs_emit(buf, "sync\n");
+       case MTE_CTRL_TCF_ASYMM:
+               return sysfs_emit(buf, "asymm\n");
        default:
                return sysfs_emit(buf, "???\n");
        }
@@ -499,6 +507,8 @@ static ssize_t mte_tcf_preferred_store(struct device *dev,
                tcf = MTE_CTRL_TCF_ASYNC;
        else if (sysfs_streq(buf, "sync"))
                tcf = MTE_CTRL_TCF_SYNC;
+       else if (cpus_have_cap(ARM64_MTE_ASYMM) && sysfs_streq(buf, "asymm"))
+               tcf = MTE_CTRL_TCF_ASYMM;
        else
                return -EINVAL;
 

diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c
index 5369e649fa79ff8e547d18ee3e74c236161f60e6..941cfa7117b9bfc9956575ce8c4ec3c66d6e6b26 100644 (file)
--- a/arch/arm64/kernel/process.c
+++ b/arch/arm64/kernel/process.c
@@ -635,7 +635,10 @@ long set_tagged_addr_ctrl(struct task_struct *task, unsigned long arg)
                return -EINVAL;
 
        if (system_supports_mte())
-               valid_mask |= PR_MTE_TCF_MASK | PR_MTE_TAG_MASK;
+               valid_mask |= PR_MTE_TCF_SYNC | PR_MTE_TCF_ASYNC \
+                       | PR_MTE_TAG_MASK;
+       if (cpus_have_cap(ARM64_MTE_ASYMM))
+               valid_mask |= PR_MTE_TCF_ASYMM;
 
        if (arg & ~valid_mask)
                return -EINVAL;

diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h
index e998764f0262522903f04101f945a73a2f724a36..4ae2b21e4066a29f154b00c529a66b8ee2c55102 100644 (file)
--- a/include/uapi/linux/prctl.h
+++ b/include/uapi/linux/prctl.h
@@ -238,7 +238,9 @@ struct prctl_mm_map {
 # define PR_MTE_TCF_NONE               0UL
 # define PR_MTE_TCF_SYNC               (1UL << 1)
 # define PR_MTE_TCF_ASYNC              (1UL << 2)
-# define PR_MTE_TCF_MASK               (PR_MTE_TCF_SYNC | PR_MTE_TCF_ASYNC)
+# define PR_MTE_TCF_ASYMM              (1UL << 19)
+# define PR_MTE_TCF_MASK               (PR_MTE_TCF_SYNC | PR_MTE_TCF_ASYNC | \
+                                        PR_MTE_TCF_ASYMM)
 /* MTE tag inclusion mask */
 # define PR_MTE_TAG_SHIFT              3
 # define PR_MTE_TAG_MASK               (0xffffUL << PR_MTE_TAG_SHIFT)