This is an archive of the discontinued LLVM Phabricator instance.

Differential D117672

[lldb] Remove non-address bits from addresses given to memory tag commands
ClosedPublic

Authored by DavidSpickett on Jan 19 2022, 6:13 AM.

Download Raw Diff

Details

Reviewers

omjavaid

Commits

rG787f91b0bb34: [lldb] Remove non-address bits from addresses given to memory tag commands

Summary

Although the memory tag commands use a memory tag manager to handle
addresses, that only removes the top byte.

That top byte is 4 bits of memory tag and 4 free bits, which is more
than it should strictly remove but that's how it is for now.

There are other non-address bit uses like pointer authentication.
To ensure the memory tag manager only has to deal with memory tags,
use the ABI plugin to remove the rest.

The tag access test has been updated to sign all the relevant pointers
and require that we're running on a system with pointer authentication
in addition to memory tagging.

The pointers will look like:
<4 bit user tag><4 bit memory tag><signature><bit virtual address>

Note that there is currently no API for reading memory tags. It will
also have to consider this when it arrives.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

DavidSpickett requested review of this revision.Jan 19 2022, 6:13 AM

DavidSpickett created this revision.

Herald added a project: Restricted Project. · View Herald TranscriptJan 19 2022, 6:13 AM

Herald added a subscriber: lldb-commits. · View Herald Transcript

DavidSpickett added a parent revision: D117671: [lldb] Rename MemoryTagManager RemoveNonAddressBits to RemoveTagBits.Jan 19 2022, 6:14 AM

Herald added a subscriber: JDevlieghere. · View Herald TranscriptJan 19 2022, 6:14 AM

Harbormaster completed remote builds in B144271: Diff 401206.Jan 19 2022, 6:17 AM

DavidSpickett added a reviewer: omjavaid.Jan 19 2022, 6:20 AM

omjavaid accepted this revision.Jan 19 2022, 4:32 PM

This revision is now accepted and ready to land.Jan 19 2022, 4:32 PM

Closed by commit rG787f91b0bb34: [lldb] Remove non-address bits from addresses given to memory tag commands (authored by DavidSpickett). · Explain WhyJan 20 2022, 2:48 AM

This revision was automatically updated to reflect the committed changes.

DavidSpickett added a commit: rG787f91b0bb34: [lldb] Remove non-address bits from addresses given to memory tag commands.

DavidSpickett mentioned this in rG3e6be0241b31: [lldb] Update release notes with non-address bit handling changes.Jan 24 2022, 3:20 AM

Revision Contents

Path

Size

lldb/

source/

Commands/

CommandObjectMemoryTag.cpp

23 lines

test/

API/

linux/

aarch64/

mte_tag_access/

TestAArch64LinuxMTEMemoryTagAccess.py

5 lines

main.c

14 lines

Diff 401573

lldb/source/Commands/CommandObjectMemoryTag.cpp

//===-- CommandObjectMemoryTag.cpp ----------------------------------------===//		//===-- CommandObjectMemoryTag.cpp ----------------------------------------===//
//		//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.		// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.		// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception		// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//		//
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//

#include "CommandObjectMemoryTag.h"		#include "CommandObjectMemoryTag.h"
#include "lldb/Host/OptionParser.h"		#include "lldb/Host/OptionParser.h"
#include "lldb/Interpreter/CommandReturnObject.h"		#include "lldb/Interpreter/CommandReturnObject.h"
#include "lldb/Interpreter/OptionArgParser.h"		#include "lldb/Interpreter/OptionArgParser.h"
#include "lldb/Interpreter/OptionGroupFormat.h"		#include "lldb/Interpreter/OptionGroupFormat.h"
#include "lldb/Interpreter/OptionValueString.h"		#include "lldb/Interpreter/OptionValueString.h"
		#include "lldb/Target/ABI.h"
#include "lldb/Target/Process.h"		#include "lldb/Target/Process.h"

using namespace lldb;		using namespace lldb;
using namespace lldb_private;		using namespace lldb_private;

#define LLDB_OPTIONS_memory_tag_read		#define LLDB_OPTIONS_memory_tag_read
#include "CommandOptions.inc"		#include "CommandOptions.inc"

▲ Show 20 Lines • Show All 57 Lines • ▼ Show 20 Lines	bool DoExecute(Args &command, CommandReturnObject &result) override {
}		}

const MemoryTagManager tag_manager = tag_manager_or_err;		const MemoryTagManager tag_manager = tag_manager_or_err;

MemoryRegionInfos memory_regions;		MemoryRegionInfos memory_regions;
// If this fails the list of regions is cleared, so we don't need to read		// If this fails the list of regions is cleared, so we don't need to read
// the return status here.		// the return status here.
process->GetMemoryRegions(memory_regions);		process->GetMemoryRegions(memory_regions);

		lldb::addr_t logical_tag = tag_manager->GetLogicalTag(start_addr);

		// The tag manager only removes tag bits. These addresses may include other
		// non-address bits that must also be ignored.
		ABISP abi = process->GetABI();
		if (abi) {
		start_addr = abi->FixDataAddress(start_addr);
		end_addr = abi->FixDataAddress(end_addr);
		}

llvm::Expected<MemoryTagManager::TagRange> tagged_range =		llvm::Expected<MemoryTagManager::TagRange> tagged_range =
tag_manager->MakeTaggedRange(start_addr, end_addr, memory_regions);		tag_manager->MakeTaggedRange(start_addr, end_addr, memory_regions);

if (!tagged_range) {		if (!tagged_range) {
result.SetError(Status(tagged_range.takeError()));		result.SetError(Status(tagged_range.takeError()));
return false;		return false;
}		}

llvm::Expected<std::vector<lldb::addr_t>> tags = process->ReadMemoryTags(		llvm::Expected<std::vector<lldb::addr_t>> tags = process->ReadMemoryTags(
tagged_range->GetRangeBase(), tagged_range->GetByteSize());		tagged_range->GetRangeBase(), tagged_range->GetByteSize());

if (!tags) {		if (!tags) {
result.SetError(Status(tags.takeError()));		result.SetError(Status(tags.takeError()));
return false;		return false;
}		}

lldb::addr_t logical_tag = tag_manager->GetLogicalTag(start_addr);
result.AppendMessageWithFormatv("Logical tag: {0:x}", logical_tag);		result.AppendMessageWithFormatv("Logical tag: {0:x}", logical_tag);
result.AppendMessage("Allocation tags:");		result.AppendMessage("Allocation tags:");

addr_t addr = tagged_range->GetRangeBase();		addr_t addr = tagged_range->GetRangeBase();
for (auto tag : *tags) {		for (auto tag : *tags) {
addr_t next_addr = addr + tag_manager->GetGranuleSize();		addr_t next_addr = addr + tag_manager->GetGranuleSize();
// Showing tagged adresses here until we have non address bit handling		// Showing tagged adresses here until we have non address bit handling
result.AppendMessageWithFormatv("[{0:x}, {1:x}): {2:x}{3}", addr,		result.AppendMessageWithFormatv("[{0:x}, {1:x}): {2:x}{3}", addr,
▲ Show 20 Lines • Show All 113 Lines • ▼ Show 20 Lines	bool DoExecute(Args &command, CommandReturnObject &result) override {

const MemoryTagManager tag_manager = tag_manager_or_err;		const MemoryTagManager tag_manager = tag_manager_or_err;

MemoryRegionInfos memory_regions;		MemoryRegionInfos memory_regions;
// If this fails the list of regions is cleared, so we don't need to read		// If this fails the list of regions is cleared, so we don't need to read
// the return status here.		// the return status here.
process->GetMemoryRegions(memory_regions);		process->GetMemoryRegions(memory_regions);

		// The tag manager only removes tag bits. These addresses may include other
		// non-address bits that must also be ignored.
		ABISP abi = process->GetABI();
		if (abi)
		start_addr = abi->FixDataAddress(start_addr);

// We have to assume start_addr is not granule aligned.		// We have to assume start_addr is not granule aligned.
// So if we simply made a range:		// So if we simply made a range:
// (start_addr, start_addr + (N * granule_size))		// (start_addr, start_addr + (N * granule_size))
// We would end up with a range that isn't N granules but N+1		// We would end up with a range that isn't N granules but N+1
// granules. To avoid this we'll align the start first using the method that		// granules. To avoid this we'll align the start first using the method that
// doesn't check memory attributes. (if the final range is untagged we'll		// doesn't check memory attributes. (if the final range is untagged we'll
// handle that error later)		// handle that error later)
lldb::addr_t aligned_start_addr =		lldb::addr_t aligned_start_addr =
tag_manager->ExpandToGranule(MemoryTagManager::TagRange(start_addr, 1))		tag_manager->ExpandToGranule(MemoryTagManager::TagRange(start_addr, 1))
.GetRangeBase();		.GetRangeBase();

lldb::addr_t end_addr = 0;		lldb::addr_t end_addr = 0;
// When you have an end address you want to align the range like tag read		// When you have an end address you want to align the range like tag read
// does. Meaning, align the start down (which we've done) and align the end		// does. Meaning, align the start down (which we've done) and align the end
// up.		// up.
if (m_tag_write_options.m_end_addr != LLDB_INVALID_ADDRESS)		if (m_tag_write_options.m_end_addr != LLDB_INVALID_ADDRESS)
end_addr = m_tag_write_options.m_end_addr;		end_addr = m_tag_write_options.m_end_addr;
else		else
// Without an end address assume number of tags matches number of granules		// Without an end address assume number of tags matches number of granules
// to write to		// to write to
end_addr =		end_addr =
aligned_start_addr + (tags.size() * tag_manager->GetGranuleSize());		aligned_start_addr + (tags.size() * tag_manager->GetGranuleSize());

		// Remove non-address bits that aren't memory tags
		if (abi)
		end_addr = abi->FixDataAddress(end_addr);

// Now we've aligned the start address so if we ask for another range		// Now we've aligned the start address so if we ask for another range
// using the number of tags N, we'll get back a range that is also N		// using the number of tags N, we'll get back a range that is also N
// granules in size.		// granules in size.
llvm::Expected<MemoryTagManager::TagRange> tagged_range =		llvm::Expected<MemoryTagManager::TagRange> tagged_range =
tag_manager->MakeTaggedRange(aligned_start_addr, end_addr,		tag_manager->MakeTaggedRange(aligned_start_addr, end_addr,
memory_regions);		memory_regions);

if (!tagged_range) {		if (!tagged_range) {
Show All 36 Lines

lldb/test/API/linux/aarch64/mte_tag_access/TestAArch64LinuxMTEMemoryTagAccess.py

Show All 14 Lines	class AArch64LinuxMTEMemoryTagAccessTestCase(TestBase):
mydir = TestBase.compute_mydir(__file__)		mydir = TestBase.compute_mydir(__file__)

NO_DEBUG_INFO_TESTCASE = True		NO_DEBUG_INFO_TESTCASE = True

def setup_mte_test(self):		def setup_mte_test(self):
if not self.isAArch64MTE():		if not self.isAArch64MTE():
self.skipTest('Target must support MTE.')		self.skipTest('Target must support MTE.')

		# Required to check that commands remove non-address bits
		# other than the memory tags.
		if not self.isAArch64PAuth():
		self.skipTest('Target must support pointer authentication')

self.build()		self.build()
self.runCmd("file " + self.getBuildArtifact("a.out"), CURRENT_EXECUTABLE_SET)		self.runCmd("file " + self.getBuildArtifact("a.out"), CURRENT_EXECUTABLE_SET)

lldbutil.run_break_set_by_file_and_line(self, "main.c",		lldbutil.run_break_set_by_file_and_line(self, "main.c",
line_number('main.c', '// Breakpoint here'),		line_number('main.c', '// Breakpoint here'),
num_expected_locations=1)		num_expected_locations=1)

self.runCmd("run", RUN_SUCCEEDED)		self.runCmd("run", RUN_SUCCEEDED)
▲ Show 20 Lines • Show All 253 Lines • Show Last 20 Lines

lldb/test/API/linux/aarch64/mte_tag_access/main.c

Show First 20 Lines • Show All 65 Lines • ▼ Show 20 Lines	int main(int argc, char const *argv[]) {
}		}

// Tag the original pointer with 9		// Tag the original pointer with 9
mte_buf = __arm_mte_create_random_tag(mte_buf, ~(1 << 9));		mte_buf = __arm_mte_create_random_tag(mte_buf, ~(1 << 9));
// A different tag so that mte_buf_alt_tag > mte_buf if you don't handle the		// A different tag so that mte_buf_alt_tag > mte_buf if you don't handle the
// tag		// tag
char *mte_buf_alt_tag = __arm_mte_create_random_tag(mte_buf, ~(1 << 10));		char *mte_buf_alt_tag = __arm_mte_create_random_tag(mte_buf, ~(1 << 10));

// lldb should be removing the whole top byte, not just the tags.		// The memory tag manager should be removing the whole top byte, not just the
// So fill 63-60 with something non zero so we'll fail if we only remove tags.		// tags. So fill 63-60 with something non zero so we'll fail if we only remove
		// tags.
#define SET_TOP_NIBBLE(ptr, value) \		#define SET_TOP_NIBBLE(ptr, value) \
(char *)((size_t)(ptr) \| ((size_t)((value)&0xf) << 60))		(char *)((size_t)(ptr) \| ((size_t)((value)&0xf) << 60))
// mte_buf_alt_tag's nibble > mte_buf to check that lldb isn't just removing		// mte_buf_alt_tag's nibble > mte_buf to check that lldb isn't just removing
// tag bits but the whole top byte when making ranges.		// tag bits but the whole top byte when making ranges.
mte_buf = SET_TOP_NIBBLE(mte_buf, 0xA);		mte_buf = SET_TOP_NIBBLE(mte_buf, 0xA);
mte_buf_alt_tag = SET_TOP_NIBBLE(mte_buf_alt_tag, 0xB);		mte_buf_alt_tag = SET_TOP_NIBBLE(mte_buf_alt_tag, 0xB);
mte_buf_2 = SET_TOP_NIBBLE(mte_buf_2, 0xC);		mte_buf_2 = SET_TOP_NIBBLE(mte_buf_2, 0xC);
mte_read_only = SET_TOP_NIBBLE(mte_read_only, 0xD);		mte_read_only = SET_TOP_NIBBLE(mte_read_only, 0xD);

		// The top level commands should be removing all non-address bits, including
		// pointer signatures. This signs ptr with PAC key A. That signature goes
		// in some bits other than the top byte.
		#define sign_ptr(ptr) __asm__ __volatile__("pacdza %0" : "=r"(ptr) : "r"(ptr))
		sign_ptr(mte_buf);
		sign_ptr(mte_buf_alt_tag);
		sign_ptr(mte_buf_2);
		sign_ptr(mte_read_only);

// Breakpoint here		// Breakpoint here
return 0;		return 0;
}		}