From patchwork Fri May 12 23:57:52 2023
X-Patchwork-Submitter: Peter Collingbourne
X-Patchwork-Id: 13239993
Date: Fri, 12 May 2023 16:57:52 -0700
In-Reply-To: <20230512235755.1589034-1-pcc@google.com>
Message-Id: <20230512235755.1589034-4-pcc@google.com>
References: <20230512235755.1589034-1-pcc@google.com>
Subject: [PATCH 3/3] arm64: mte: Simplify swap tag restoration logic and fix uninitialized tag issue
From: Peter Collingbourne
To: Catalin Marinas
Cc: Peter Collingbourne, Qun-wei Lin (林群崴), linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, "surenb@google.com", "david@redhat.com", Chinwen Chang (張錦文), "kasan-dev@googlegroups.com", Kuan-Ying Lee (李冠穎), Casper Li (李中榮), "gregkh@linuxfoundation.org", vincenzo.frascino@arm.com, Alexandru Elisei, will@kernel.org, eugenis@google.com, Steven Price, stable@vger.kernel.org

As a result of the previous two patches, there are no circumstances in which a swapped-in page is installed in a page table without first having arch_swap_restore() called on it. Therefore, we no longer need the logic in set_pte_at() that restores the tags, so remove it.

Because we can now rely on the page being locked, we no longer need to handle the case where a page is having its tags restored by multiple tasks concurrently, so we can slightly simplify the logic in mte_restore_tags().

This patch also fixes an issue where a page can have PG_mte_tagged set with uninitialized tags. The issue is that the mte_sync_page_tags() function sets PG_mte_tagged if it initializes page tags. Then we return to mte_sync_tags(), which sets PG_mte_tagged again. At best, this is redundant. However, it is possible for mte_sync_page_tags() to return without having initialized tags for the page, i.e.
in the case where check_swap is true (non-compound page), is_swap_pte(old_pte) is false and pte_is_tagged is false. So at worst, we set PG_mte_tagged on a page with uninitialized tags. This can happen if, for example, page migration causes a PTE for an untagged page to be replaced. If the userspace program subsequently uses mprotect() to enable PROT_MTE for that page, the uninitialized tags will be exposed to userspace. Signed-off-by: Peter Collingbourne Link: https://linux-review.googlesource.com/id/I8ad54476f3b2d0144ccd8ce0c1d7a2963e5ff6f3 Fixes: e059853d14ca ("arm64: mte: Fix/clarify the PG_mte_tagged semantics") Cc: # 6.1 --- The Fixes: tag (and the commit message in general) are written assuming that this patch is landed in a maintainer tree instead of "arm64: mte: Do not set PG_mte_tagged if tags were not initialized". arch/arm64/include/asm/mte.h | 4 ++-- arch/arm64/include/asm/pgtable.h | 14 ++------------ arch/arm64/kernel/mte.c | 32 +++----------------------------- arch/arm64/mm/mteswap.c | 7 +++---- 4 files changed, 10 insertions(+), 47 deletions(-) diff --git a/arch/arm64/include/asm/mte.h b/arch/arm64/include/asm/mte.h index 20dd06d70af5..dfea486a6a85 100644 --- a/arch/arm64/include/asm/mte.h +++ b/arch/arm64/include/asm/mte.h @@ -90,7 +90,7 @@ static inline bool try_page_mte_tagging(struct page *page) } void mte_zero_clear_page_tags(void *addr); -void mte_sync_tags(pte_t old_pte, pte_t pte); +void mte_sync_tags(pte_t pte); void mte_copy_page_tags(void *kto, const void *kfrom); void mte_thread_init_user(void); void mte_thread_switch(struct task_struct *next); @@ -122,7 +122,7 @@ static inline bool try_page_mte_tagging(struct page *page) static inline void mte_zero_clear_page_tags(void *addr) { } -static inline void mte_sync_tags(pte_t old_pte, pte_t pte) +static inline void mte_sync_tags(pte_t pte) { } static inline void mte_copy_page_tags(void *kto, const void *kfrom) 
diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h index b6ba466e2e8a..efdf48392026 100644 --- a/arch/arm64/include/asm/pgtable.h +++ b/arch/arm64/include/asm/pgtable.h @@ -337,18 +337,8 @@ static inline void __set_pte_at(struct mm_struct *mm, unsigned long addr, * don't expose tags (instruction fetches don't check tags). */ if (system_supports_mte() && pte_access_permitted(pte, false) && - !pte_special(pte)) { - pte_t old_pte = READ_ONCE(*ptep); - /* - * We only need to synchronise if the new PTE has tags enabled - * or if swapping in (in which case another mapping may have - * set tags in the past even if this PTE isn't tagged). - * (!pte_none() && !pte_present()) is an open coded version of - * is_swap_pte() - */ - if (pte_tagged(pte) || (!pte_none(old_pte) && !pte_present(old_pte))) - mte_sync_tags(old_pte, pte); - } + !pte_special(pte) && pte_tagged(pte)) + mte_sync_tags(pte); __check_safe_pte_update(mm, ptep, pte); diff --git a/arch/arm64/kernel/mte.c b/arch/arm64/kernel/mte.c index f5bcb0dc6267..c40728046fed 100644 --- a/arch/arm64/kernel/mte.c +++ b/arch/arm64/kernel/mte.c 
@@ -35,41 +35,15 @@ DEFINE_STATIC_KEY_FALSE(mte_async_or_asymm_mode); EXPORT_SYMBOL_GPL(mte_async_or_asymm_mode); #endif -static void mte_sync_page_tags(struct page *page, pte_t old_pte, - bool check_swap, bool pte_is_tagged) -{ - if (check_swap && is_swap_pte(old_pte)) { - swp_entry_t entry = pte_to_swp_entry(old_pte); - - if (!non_swap_entry(entry)) - mte_restore_tags(entry, page); - } - - if (!pte_is_tagged) - return; - - if (try_page_mte_tagging(page)) { - mte_clear_page_tags(page_address(page)); - set_page_mte_tagged(page); - } -} - -void mte_sync_tags(pte_t old_pte, pte_t pte) +void mte_sync_tags(pte_t pte) { struct page *page = pte_page(pte); long i, nr_pages = compound_nr(page); - bool check_swap = nr_pages == 1; - bool pte_is_tagged = pte_tagged(pte); - - /* Early out if there's nothing to do */ - if (!check_swap && !pte_is_tagged) - return; /* if PG_mte_tagged is set, tags have already been initialised */ for (i = 0; i < nr_pages; i++, page++) { - if (!page_mte_tagged(page)) { - mte_sync_page_tags(page, old_pte, check_swap, - pte_is_tagged); + if (try_page_mte_tagging(page)) { + mte_clear_page_tags(page_address(page)); set_page_mte_tagged(page); } } diff --git a/arch/arm64/mm/mteswap.c b/arch/arm64/mm/mteswap.c index cd508ba80ab1..3a78bf1b1364 100644 --- a/arch/arm64/mm/mteswap.c +++ b/arch/arm64/mm/mteswap.c @@ -53,10 +53,9 @@ void mte_restore_tags(swp_entry_t entry, struct page *page) if (!tags) return; - if (try_page_mte_tagging(page)) { - mte_restore_page_tags(page_address(page), tags); - set_page_mte_tagged(page); - } + WARN_ON_ONCE(!try_page_mte_tagging(page)); + mte_restore_page_tags(page_address(page), tags); + set_page_mte_tagged(page); } void mte_invalidate_tags(int type, pgoff_t offset)
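Review bot: In the arch/arm64/include/asm/pgtable.h hunk, __set_pte_at() drops the swap-PTE test together with the READ_ONCE(*ptep), so nothing at this call site notices a swapped-in page whose tags were never restored; correctness now rests entirely on every swap-in path having called arch_swap_restore() first, as the commit message states. The comment block above the condition should say so, so that a swap-in path added later without arch_swap_restore() is not assumed to be covered here.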
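Review bot: In the arch/arm64/kernel/mte.c hunk, mte_sync_tags() loses both its early-out and its pte_tagged() test, so it now clears and marks every page it is handed; the only guard left is the pte_tagged(pte) term added to the __set_pte_at() condition. Document that precondition on the function (or keep a cheap check inside it) so a later caller cannot tag-initialise pages for an untagged PTE. The retained comment "if PG_mte_tagged is set, tags have already been initialised" also describes the removed page_mte_tagged() test and should be reworded for try_page_mte_tagging().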
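Review bot: In the arch/arm64/mm/mteswap.c hunk, mte_restore_tags() now uses the return value of try_page_mte_tagging() only to warn, and mte_restore_page_tags() and set_page_mte_tagged() run even when it returns false, so a violated locking assumption ends with the page's tags being overwritten after a one-time warning. State the page-locked precondition in a comment above the function, and consider bailing out after the warning, e.g. if (WARN_ON_ONCE(!try_page_mte_tagging(page))) return;, unless overwriting is the intended recovery. Keeping the side-effecting call out of the WARN_ON_ONCE() argument would also make the statement harder to misread.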