Re: [PATCH,v3] [aarch64] Fix removal of non-address bits for PAuth

public inbox for gdb-patches@sourceware.org
 help / color / mirror / Atom feed

From: Luis Machado <luis.machado@arm.com>
To: Lancelot SIX <lsix@lancelotsix.com>
Cc: gdb-patches@sourceware.org, jhb@FreeBSD.org, thiago.bauermann@linaro.org
Subject: Re: [PATCH,v3] [aarch64] Fix removal of non-address bits for PAuth
Date: Thu, 22 Sep 2022 17:39:23 +0100	[thread overview]
Message-ID: <b79d6348-af57-9734-ce40-c4eca6cc0e06@arm.com> (raw)
In-Reply-To: <20220922125805.hvekyxcf3nc2i764@ubuntu.lan>

Hi,

On 9/22/22 13:59, Lancelot SIX wrote:
> Hi Luis,
> 
> I went through the patch and have a couple of questions above.
> 
>> diff --git a/gdb/aarch64-linux-tdep.c b/gdb/aarch64-linux-tdep.c
>> index 15773c75da8..279c8d98f5d 100644
>> --- a/gdb/aarch64-linux-tdep.c
>> +++ b/gdb/aarch64-linux-tdep.c
>> @@ -1787,7 +1787,8 @@ aarch64_linux_report_signal_info (struct gdbarch *gdbarch,
>>         uiout->text ("\n");
>>   
>>         gdb::optional<CORE_ADDR> atag
>> -	= aarch64_mte_get_atag (address_significant (gdbarch, fault_addr));
>> +	= aarch64_mte_get_atag (gdbarch_remove_non_address_bits (gdbarch,
>> +								 fault_addr));
>>         gdb_byte ltag = aarch64_mte_get_ltag (fault_addr);
>>   
>>         if (!atag.has_value ())
>> @@ -1961,6 +1962,47 @@ aarch64_linux_decode_memtag_section (struct gdbarch *gdbarch,
>>     return tags;
>>   }
>>   
>> +/* AArch64 implementation of the remove_non_address_bits gdbarch hook.  Remove
>> +   non address bits from a pointer value.  */
>> +
>> +static CORE_ADDR
>> +aarch64_remove_non_address_bits (struct gdbarch *gdbarch, CORE_ADDR pointer)
>> +{
>> +  aarch64_gdbarch_tdep *tdep = gdbarch_tdep<aarch64_gdbarch_tdep> (gdbarch);
>> +
>> +  /* By default, we assume TBI and discard the top 8 bits plus the VA range
>> +     select bit (55).  */
>> +  CORE_ADDR mask = AARCH64_TOP_BITS_MASK;
>> +
>> +  if (tdep->has_pauth ())
>> +    {
>> +      /* Fetch the PAC masks.  These masks are per-process, so we can just
>> +	 fetch data from whatever thread we have at the moment.
>> +
>> +	 Also, we have both a code mask and a data mask.  For now they are the
>> +	 same, but this may change in the future.  */
>> +      struct regcache *regs = get_current_regcache ();
>> +      CORE_ADDR cmask, dmask;
>> +
>> +      if (regs->cooked_read (tdep->pauth_reg_base, &dmask) != REG_VALID)
>> +	dmask = mask;
>> +
>> +      if (regs->cooked_read (tdep->pauth_reg_base + 1, &cmask) != REG_VALID)
>> +	cmask = mask;
>> +
>> +      if (dmask != cmask)
>> +	{
>> +	  /* Warn if the masks are different.  */
>> +	  aarch64_pauth_mask_warning ();
>> +	  mask |= dmask > cmask? dmask : cmask;
>> +	}
>> +      else
>> +	mask |= cmask;
> 
> Here, I am wondering what happens if either cooked_read does not return
> ROG_VALID.  Wouldn't cmask/dmask have un-initialized values, making the
> end of the method hazardous?
> 
> I guess initializing both to 0 would solve this.
> 

If either one of the register reads fail, then we assign the default MASK. Otherwise we
continue with using the mask that's been read from the register.

Does that make sense?

>> +    }
>> +
>> +  return aarch64_remove_top_bits (pointer, mask);
>> +}
>> +
>>   static void
>>   aarch64_linux_init_abi (struct gdbarch_info info, struct gdbarch *gdbarch)
>>   {
>> index 0f73286f145..d9c4b994850 100644
>> --- a/gdb/arch/aarch64.c
>> +++ b/gdb/arch/aarch64.c
>> @@ -58,3 +58,30 @@ aarch64_create_target_description (const aarch64_features &features)
>>   
>>     return tdesc.release ();
>>   }
>> +
>> +/* See arch/aarch64.h.  */
>> +
>> +CORE_ADDR
>> +aarch64_remove_top_bits (CORE_ADDR pointer, CORE_ADDR mask)
>> +{
>> +  /* The VA range select bit is 55.  This bit tells us if we have a
>> +     kernel-space address or a user-space address.  */
>> +  bool kernel_address = (pointer & VA_RANGE_SELECT_BIT_MASK) != 0;
>> +
> 
> I am wondering: is this Linux specific or is this valid accross all
> configurations?  If this is linux specific, is aarch64.c the right place
> to implement this?

Although this is only used on Linux systems at the moment, it is not technically Linux-specific.

When we say kernel-space, it means the other half of the VA space (non-user).

I have an upcoming patch (relying on this one) to use this function for bare metal pointer authentication
support (with user QEMU). So I think it makes sense to have this function in arch-specific code
and not in Linux-specific code.

> 
> Best,
> Lancelot.
> 
>> +  /* Remove the top non-address bits.  */
>> +  pointer &= ~mask;
>> +
>> +  /* Sign-extend if we have a kernel-space address.  */
>> +  if (kernel_address)
>> +    pointer |= mask;
>> +
>> +  return pointer;
>> +}
>> +
>> +/* See arch/aarch64.h.  */
>> +
>> +void
>> +aarch64_pauth_mask_warning ()
>> +{
>> +  warning (_("Pointer authentication masks for code (C) and data (D) differ"));
>> +}

next prev parent reply	other threads:[~2022-09-22 16:39 UTC|newest]

Thread overview: 37+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-07-05 14:00 [PATCH] [AArch64] " Luis Machado
2022-07-05 18:12 ` John Baldwin
2022-07-06 11:38 ` Lancelot SIX
2022-07-08 11:36   ` Luis Machado
2022-07-11 11:55 ` [PATCH,v2] [aarch64] " Luis Machado
2022-07-18  8:16   ` [Ping v1][PATCH,v2] " Luis Machado
2022-08-01 11:09     ` [Ping v2][PATCH,v2] " Luis Machado
2022-08-08 11:34   ` [Ping v3][PATCH,v2] " Luis Machado
2022-08-18 15:49   ` [Ping v4][PATCH,v2] " Luis Machado
2022-08-18 23:47   ` [PATCH,v2] " Thiago Jung Bauermann
2022-08-19  9:52     ` Luis Machado
2022-08-19 14:06       ` Thiago Jung Bauermann
2022-08-23 20:29 ` [PATCH,v3] " Luis Machado
2022-08-24 18:44   ` Thiago Jung Bauermann
2022-09-01  9:29   ` [PING][PATCH,v3] " Luis Machado
2022-09-07  8:21   ` Luis Machado
2022-09-12 12:47   ` Luis Machado
2022-09-20 12:26   ` Luis Machado
2022-09-22 12:59   ` [PATCH,v3] " Lancelot SIX
2022-09-22 16:39     ` Luis Machado [this message]
2022-09-23  7:58       ` Lancelot SIX
2022-10-03 11:37   ` [PING][PATCH,v3] " Luis Machado
2022-10-10 12:18   ` Luis Machado
2022-10-17 10:04   ` Luis Machado
2022-10-25 13:52   ` Luis Machado
2022-11-10  1:00   ` Luis Machado
2022-11-29 22:19   ` Luis Machado
2022-12-09 16:42   ` Luis Machado
2022-12-09 19:14   ` [PATCH,v3] " Simon Marchi
2022-12-12 14:21     ` Luis Machado
2022-12-12 15:07       ` Simon Marchi
2022-12-12 17:13 ` [PATCH v4] " Luis Machado
2022-12-12 18:54   ` Simon Marchi
2022-12-13  9:18     ` Luis Machado
2022-12-13 10:27 ` [PATCH v5] " Luis Machado
2022-12-16 10:57 ` [PATCH v6] " Luis Machado
2022-12-16 11:20   ` Luis Machado

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=b79d6348-af57-9734-ce40-c4eca6cc0e06@arm.com \
    --to=luis.machado@arm.com \
    --cc=gdb-patches@sourceware.org \
    --cc=jhb@FreeBSD.org \
    --cc=lsix@lancelotsix.com \
    --cc=thiago.bauermann@linaro.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).