Hi Manish,
Thanks for confirming. Regarding benefit of MTE in BL31, it will basically add guards against stack overflows and use-after-free bugs related to objects allocated on stack. Regarding stack overflow, TF-A already has stack canaries. MTE protection will be stronger than canaries. So MTE adds a marginal benefit here. Regarding use-after-free of stack objects, I'm not sure if TF-A has adequate protections. On the down side, MTE adds performance overhead and increases code size. We probably need some numbers to see the overhead of MTE.
It will be good to know what the community thinks are the benefits of MTE are on balance.
Thanks, Okash
On Thu, Apr 7, 2022 at 9:21 AM Manish Badarkhe Manish.Badarkhe@arm.com wrote:
Hi Okash,
Introduced build option [1] limits to MTE1 that supports MTE related instructions, but does not offer any functional usage in terms of detecting tag check faults. That's why memory is not configured as normal tagged (which is an MTE2 feature) in BL31, and support for MTE2 for BL31 is a topic for technical debt.
Thanks, Manish Badarkhe
From: Okash Khawaja okash@google.com Date: Tuesday, 5 April 2022 at 16:13 To: Manish Badarkhe Manish.Badarkhe@arm.com Cc: tf-a@lists.trustedfirmware.org tf-a@lists.trustedfirmware.org Subject: Re: [TF-A] Status of MTE for bl31
Hi Manish,
That's another question I wanted to follow up with. Is there any real benefit of MTE for BL31 given that it doesn't allocate memory dynamically. I guess stack tagging is the only use of MTE in BL31?
The concern in the original email is whether the support is incomplete. Can you confirm?
Thanks,
Okash
On Tue, Apr 5, 2022 at 3:27 PM Manish Badarkhe Manish.Badarkhe@arm.com wrote:
Hi Okash,
Could you please let us know the real use case/requirement where you want MTE to be available at EL3?
Thanks, Manish Badarkhe
From: Okash Khawaja via TF-A tf-a@lists.trustedfirmware.org Date: Friday, 1 April 2022 at 19:51 To: tf-a@lists.trustedfirmware.org tf-a@lists.trustedfirmware.org Subject: [TF-A] Status of MTE for bl31
Hi,
I wanted to check the status of MTE support for bl31 itself. It seems like the support was added [1] for clang and armclang but I couldn't find the memory attribute to map pages as tag checked [2]. Is there something I missed?
Thanks, Okash
[1] https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+...
[2] https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+...
TF-A mailing list -- tf-a@lists.trustedfirmware.org To unsubscribe send an email to tf-a-leave@lists.trustedfirmware.org