From: Luis Machado
To: gdb-patches@sourceware.org
Subject: [PATCH v6 21/25] Documentation for the new mtag commands
Date: Mon, 22 Mar 2021 10:21:15 -0300
Message-Id: <20210322132120.1202230-22-luis.machado@linaro.org>
In-Reply-To: <20210322132120.1202230-1-luis.machado@linaro.org>
References: <20210322132120.1202230-1-luis.machado@linaro.org>

Updates on v6:

- Update tag fault example.
- Update documentation.

Updates on v4:

- Update the command names.

--

Document the new "memory-tag" command prefix and all of its subcommands.

gdb/doc/ChangeLog:

YYYY-MM-DD  Luis Machado

	* gdb.texinfo (Memory Tagging): New subsection and node.
	(AArch64 Memory Tagging Extension): New subsection.
---
 gdb/doc/gdb.texinfo | 96 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 96 insertions(+)

diff --git a/gdb/doc/gdb.texinfo b/gdb/doc/gdb.texinfo
index e26ce4e9b6b..d976325e695 100644
--- a/gdb/doc/gdb.texinfo
+++ b/gdb/doc/gdb.texinfo
@@ -10864,6 +10864,66 @@ target supports computing the CRC checksum of a block of memory (@pxref{qCRC packet}). @end table +@node Memory Tagging +@subsection Memory Tagging + +Memory tagging is a memory protection technology that uses a pair of tags to +validate memory accesses through pointers. The tags are integer values +usually comprised of a few bits, depending on the architecture. + +There are two types of tags that are used in this setup: logical and +allocation. A logical tag is stored in the pointers themselves, usually at the +higher bits of the pointers. An allocation tag is the tag associated +with particular ranges of memory in the physical address space, against which +the logical tags from pointers are compared. + +The pointer tag (logical tag) must match the memory tag (allocation tag) +for the memory access to be valid. If the logical tag does not match the +allocation tag, that will raise a memory violation. + +Allocation tags cover multiple contiguous bytes of physical memory. This +range of bytes is called a memory tag granule and is architecture-specific. +For example, AArch64 has a tag granule of 16 bytes, meaning each allocation +tag spans 16 bytes of memory. + +If the underlying architecture supports memory tagging, like AArch64 MTE +or SPARC ADI do, @value{GDBN} can make use of it to validate pointers +against memory allocation tags. + +A command prefix of @code{memory-tag} gives access to the various memory tagging +commands. + +The @code{memory-tag} commands are the following: + +@table @code +@kindex memory-tag print-logical-tag +@item memory-tag print-logical-tag @var{pointer_expression} +Print the logical tag stored in @var{pointer_expression}. +@kindex memory-tag with-logical-tag +@item memory-tag with-logical-tag @var{pointer_expression} @var{tag_bytes} +Print the pointer given by @var{pointer_expression}, augmented with a logical +tag of @var{tag_bytes}. 
+@kindex memory-tag print-allocation-tag +@item memory-tag print-allocation-tag @var{address_expression} +Print the allocation tag associated with the memory address given by +@var{address_expression}. +@kindex memory-tag setatag +@item memory-tag setatag @var{starting_address} @var{length} @var{tag_bytes} +Set the allocation tag(s) for memory range @r{[}@var{starting_address}, +@var{starting_address} + @var{length}@r{)} to @var{tag_bytes}. +@kindex memory-tag check +@item memory-tag check @var{pointer_expression} +Check if the logical tag in the pointer given by @var{pointer_expression} +matches the allocation tag for the memory referenced by the pointer. + +This essentially emulates the hardware validation that is done when tagged +memory is accessed through a pointer, but does not cause a memory fault as +it would during hardware validation. + +It can be used to inspect potential memory tagging violations in the running +process, before any faults get triggered. +@end table + @node Auto Display @section Automatic Display @cindex automatic display 
@@ -24993,6 +25053,42 @@ When GDB prints a backtrace, any addresses that required unmasking will be postfixed with the marker [PAC]. When using the MI, this is printed as part of the @code{addr_flags} field. +@subsubsection AArch64 Memory Tagging Extension. +@cindex AArch64 Memory Tagging Extension. + +When @value{GDBN} is debugging the AArch64 architecture, the program is +using the v8.5-A feature Memory Tagging Extension (MTE) and there is support +in the kernel for MTE, @value{GDBN} will make memory tagging functionality +available for inspection and editing of logical and allocation tags. +@xref{Memory Tagging}. + +To aid debugging, @value{GDBN} will output additional information when SIGSEGV +signals are generated as a result of memory tag failures. + +If the tag violation is synchronous, the following will be shown: + +@smallexample +Program received signal SIGSEGV, Segmentation fault +Memory tag violation while accessing address 0x0500fffff7ff8000 +Allocation tag 0x1 +Logical tag 0x5. +@end smallexample + +If the tag violation is asynchronous, the fault address is not available. +In this case @value{GDBN} will show the following: + +@smallexample +Program received signal SIGSEGV, Segmentation fault +Memory tag violation +Fault address unavailable. +@end smallexample + +A special register, @code{tag_ctl}, is made available through the +@code{org.gnu.gdb.aarch64.mte} feature. This register exposes some +options that can be controlled at runtime and emulates the @code{prctl} +option @code{PR_SET_TAGGED_ADDR_CTRL}. For further information, see the +documentation in the Linux kernel. + @node i386 @subsection x86 Architecture-specific Issues -- 2.25.1
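Review bot: In the first hunk's @table, `memory-tag setatag` breaks the naming pattern of its siblings (`print-logical-tag`, `with-logical-tag`, `print-allocation-tag`); a spelled-out name such as `set-allocation-tag` would be consistent and easier to find with completion. The same table uses @var{tag_bytes} in two entries without saying what form it takes, and the `setatag` entry does not say what happens when @var{length} is not a multiple of the tag granule described earlier in the node, or covers more granules than tags were supplied. The `memory-tag check` entry should also state what is printed on a match and on a mismatch, since that is what a user inspecting a suspected violation will look for. Minor: "comprised of a few bits" reads better as "composed of a few bits".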
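Review bot: In the second hunk, `@subsubsection AArch64 Memory Tagging Extension.` and the matching `@cindex` line end in a period; section titles and index entries should not carry one, and the ChangeLog entry calls this a new subsection while the hunk adds a @subsubsection. The opening sentence strings three conditions together with commas, so it is hard to tell where the condition ends and the consequence begins; something like "When debugging an AArch64 program that uses MTE on a kernel with MTE support, ..." reads more clearly. The `tag_ctl` paragraph says the register "exposes some options" without naming them or saying whether writes take effect in the inferior, and "the documentation in the Linux kernel" should name the specific document. Please also confirm that the two @smallexample blocks match the debugger's output character for character, including the trailing periods after "0x5" and "unavailable".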