Hi Okash, There is some benefit in enabling MTE2 in BL31 as it is one more tool to detect code issues. This will probably remain as a development tool and not see any deployment on any real hardware platform for EL3 firmware I think. So, this would be nice to have but not a high priority task and can possibly be only enabled on FVP (or a platform which can run BL31 from DDR).
Best Regards Soby Mathew
From: Okash Khawaja okash@google.com Sent: 14 April 2022 16:46 To: Soby Mathew Soby.Mathew@arm.com Cc: Manish Badarkhe Manish.Badarkhe@arm.com; tf-a@lists.trustedfirmware.org Subject: Re: [TF-A] Re: Status of MTE for bl31
Thanks Soby. I agree, SRAM-based BL31 won't benefit from MTE.
So, given the above situation, value in enabling MTE2 for BL31 seems limited.
Sure. Do we still want to keep MTE1 around? Is there a real benefit of MTE1 without MTE2?
On Wed, Apr 13, 2022 at 4:59 PM Soby Mathew <Soby.Mathew@arm.commailto:Soby.Mathew@arm.com> wrote: Hi Okash My 2 cents on this.. Static analyzers can flag use-after-free stack object issues although it is not guaranteed to catch all issues.
Another factor to consider is that BL31 typically runs out of SRAM and it does seem unlikely the hardware implements tag memory for SRAM. So it could be that MTE2 for BL31 would remain an FVP only feature or only for those platforms which allows BL31 to run out of DDR.
So, given the above situation, value in enabling MTE2 for BL31 seems limited.
Best Regards Soby Mathew
-----Original Message----- From: Okash Khawaja via TF-A <tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org> Sent: 07 April 2022 11:41 To: Manish Badarkhe <Manish.Badarkhe@arm.commailto:Manish.Badarkhe@arm.com> Cc: tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org Subject: [TF-A] Re: Status of MTE for bl31
Hi Manish,
Thanks for confirming. Regarding benefit of MTE in BL31, it will basically add guards against stack overflows and use-after-free bugs related to objects allocated on stack. Regarding stack overflow, TF-A already has stack canaries. MTE protection will be stronger than canaries. So MTE adds a marginal benefit here. Regarding use-after-free of stack objects, I'm not sure if TF-A has adequate protections. On the down side, MTE adds performance overhead and increases code size. We probably need some numbers to see the overhead of MTE.
It will be good to know what the community thinks are the benefits of MTE are on balance.
Thanks, Okash
On Thu, Apr 7, 2022 at 9:21 AM Manish Badarkhe <Manish.Badarkhe@arm.commailto:Manish.Badarkhe@arm.com> wrote:
Hi Okash,
Introduced build option [1] limits to MTE1 that supports MTE related instructions, but does not offer any functional usage in terms of detecting tag check faults. That's why memory is not configured as normal tagged (which is an MTE2 feature) in BL31, and support for MTE2 for BL31 is a topic for technical debt.
re-a/+/fd32deeed9914a33341c821e18a1ced29bbe2185
Thanks, Manish Badarkhe
From: Okash Khawaja <okash@google.commailto:okash@google.com> Date: Tuesday, 5 April 2022 at 16:13 To: Manish Badarkhe <Manish.Badarkhe@arm.commailto:Manish.Badarkhe@arm.com> Cc: tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org <tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org> Subject: Re: [TF-A] Status of MTE for bl31
Hi Manish,
That's another question I wanted to follow up with. Is there any real benefit
of MTE for BL31 given that it doesn't allocate memory dynamically. I guess stack tagging is the only use of MTE in BL31?
The concern in the original email is whether the support is incomplete. Can
you confirm?
Thanks,
Okash
On Tue, Apr 5, 2022 at 3:27 PM Manish Badarkhe
<Manish.Badarkhe@arm.commailto:Manish.Badarkhe@arm.com> wrote:
Hi Okash,
Could you please let us know the real use case/requirement where you want
MTE to be available at EL3?
Thanks, Manish Badarkhe
From: Okash Khawaja via TF-A <tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org> Date: Friday, 1 April 2022 at 19:51 To: tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org <tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org> Subject: [TF-A] Status of MTE for bl31
Hi,
I wanted to check the status of MTE support for bl31 itself. It seems like the support was added [1] for clang and armclang but I couldn't find the memory attribute to map pages as tag checked [2]. Is there something I missed?
Thanks, Okash
[1] https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmwa re-a/+/fd32deeed9914a33341c821e18a1ced29bbe2185
[2] https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmwa re-a/+/refs/tags/v2.6/lib/xlat_tables_v2/aarch64/xlat_tables_arch.c#25 4 -- TF-A mailing list -- tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org To unsubscribe send an email to tf-a-leave@lists.trustedfirmware.orgmailto:tf-a-leave@lists.trustedfirmware.org
-- TF-A mailing list -- tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org To unsubscribe send an email to tf-a-leave@lists.trustedfirmware.orgmailto:tf-a-leave@lists.trustedfirmware.org