Page MenuHomeFreeBSD
Differential D55947

arm64: mte: handle synchronous tag check faults
ClosedPublic
Actions

Authored by andrew on Mar 19 2026, 4:05 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, May 10, 5:49 PM
Unknown Object (File)
Sun, May 10, 11:22 AM
Unknown Object (File)
Sun, May 10, 11:15 AM
Unknown Object (File)
Sun, May 10, 9:10 AM
Unknown Object (File)
Sun, May 10, 9:05 AM
Unknown Object (File)
Mon, Apr 27, 9:58 AM
Unknown Object (File)
Sat, Apr 25, 3:57 AM
Unknown Object (File)
Mon, Apr 20, 4:23 PM
View All 26 Files
Subscribers
emaste
imp
kib

Details

Reviewers
manu
kib
Group Reviewers
arm64
Commits
rG6f9e9eba984f: arm64: mte: handle synchronous tag check faults
Summary

The Memory Tagging Extension supports both Synchronous and Asynchronous
faults, called Tag Check Faults, which are configurable via
SCTLR_EL1.TCF0 for userspace and SCTLR_EL1.TCF for the kernel.

This commit adds support for handling synchronous tag check faults at
EL0 and EL1, although these are only enabled on a per-process basis in
userspace, kernel space does not enable tag check faults. A TCF in the
kernel will cause a kernel panic like any other virtual memory fault,
and a TCF in userspace will result in a SIGSEGV

Sponsored by: Arm Ltd
Signed-off-by: Harry Moulton <harry.moulton@arm.com>

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

andrew created this revision.Mar 19 2026, 4:05 PM
Herald added a reviewer: manu. · View Herald TranscriptMar 19 2026, 4:05 PM
Herald added subscribers: emaste, imp. · View Herald Transcript
Harbormaster completed remote builds in B71528: Diff 173917.Mar 19 2026, 4:05 PM
andrew requested review of this revision.Mar 19 2026, 4:05 PM
andrew added a parent revision: D55946: arm64: mte: configure initial state for system registers.
andrew added a child revision: D55948: arm64: mte: add tagged memory attribute.
andrew added inline comments.Mar 19 2026, 4:26 PM
sys/sys/signal.h
309–310

These should probably be 100 & 101 or similar

andrew added a subscriber: kib.Apr 13 2026, 2:28 PM
andrew added inline comments.
sys/sys/signal.h
309–310

@kib Do you have a preference for what values these should be? They will be architecture dependant like SEGV_PKUERR below.

kib added inline comments.Apr 13 2026, 8:07 PM
sys/sys/signal.h
309–310

Yes, I selected some high value for amd PKRU to allow space for MI code additions. So 100 and later are fine as arch-specific values.

Please add a prefix into the comment, like /* arm64: synchronous MTE ... */

andrew updated this revision to Diff 175483.Tue, Apr 14, 9:32 AM

Change the SEGV_MTE* values

Harbormaster completed remote builds in B72191: Diff 175483.Tue, Apr 14, 9:32 AM
kib accepted this revision.Tue, Apr 14, 9:56 AM
This revision is now accepted and ready to land.Tue, Apr 14, 9:56 AM
Closed by commit rG6f9e9eba984f: arm64: mte: handle synchronous tag check faults (authored by harry.moulton_arm.com, committed by andrew). · Explain WhyThu, Apr 16, 2:23 PM
This revision was automatically updated to reflect the committed changes.
andrew added a commit: rG6f9e9eba984f: arm64: mte: handle synchronous tag check faults.
emaste added a comment.Mon, Apr 20, 8:39 PM

It seems I had these in my WIP tree as 8 and 9 with a comment LLDB is adding support for sync MTE exception and async MTE reporting.

Snippet from LLDB code:

// SIGSEGV
ADD_SIGCODE(SIGSEGV, 11, SEGV_MAPERR, 1,   "address not mapped to object",
                SignalCodePrintOption::Address);
ADD_SIGCODE(SIGSEGV, 11, SEGV_ACCERR, 2,   "invalid permissions for mapped object",
                SignalCodePrintOption::Address);
ADD_SIGCODE(SIGSEGV, 11, SEGV_PKUERR, 100, "PKU violation",
                SignalCodePrintOption::Address);

So this will be awkward, short term might be x86 PKU violation or arm64 MTE error

emaste added a comment.Mon, Apr 20, 8:41 PM

See https://github.com/llvm/llvm-project/blob/main/lldb/source/Plugins/Process/Utility/FreeBSDSignals.cpp

kib added a comment.Mon, Apr 20, 8:44 PM
In D55947#1294047, @emaste wrote:

It seems I had these in my WIP tree as 8 and 9 with a comment LLDB is adding support for sync MTE exception and async MTE reporting.

Snippet from LLDB code:

// SIGSEGV
ADD_SIGCODE(SIGSEGV, 11, SEGV_MAPERR, 1,   "address not mapped to object",
                SignalCodePrintOption::Address);
ADD_SIGCODE(SIGSEGV, 11, SEGV_ACCERR, 2,   "invalid permissions for mapped object",
                SignalCodePrintOption::Address);
ADD_SIGCODE(SIGSEGV, 11, SEGV_PKUERR, 100, "PKU violation",
                SignalCodePrintOption::Address);

So this will be awkward, short term might be x86 PKU violation or arm64 MTE error

It needs to take the target arch into account.

emaste added a comment.Mon, Apr 20, 8:47 PM

It needs to take the target arch into account.

Yes it does, but the infrastructure for that is not yet present.

andrew added a comment.Tue, Apr 21, 7:47 AM

I can move them to something like 200/201. I think the Arm Permission Overlay Extension (FEAT_S1POE) could then reuse SEGV_PKUERR as it is similar.

Revision Contents
Changeset List

PathSize
sys/
arm64/
arm64/
22 lines
sys/
2 lines

Diff 175633

View Options

sys/arm64/arm64/trap.c

Loading...
View Options

sys/sys/signal.h

Loading...