For this week’s Weekend Read, where we are posting a link to Seema Mehta’s newly released video titled “Built-in Memory Tagging- Protect against malicious memory access”. Also there is a link to her blog post on the same topic.
2 Likes
So you got MTE in SoC?
I need updated /proc/cpuinfo then. So far my table shows only Tensor G3 with MTE.
ampere1a adds support for MTE. ampere1 is AC03; ampere1a is the AC04 core.
1 Like
So it looks like my table needs changes.
Rename AmpereOne core to AC03 core, add AC04 one and then add Ampere1A SoC with it.
@bexcran: can you share Ampere1A /proc/cpuinfo?
I got Ampere1A /proc/cpuinfo in AmpereOne A192-32X · Issue #111 · hrw/arm-socs-table · GitHub and it lacks MTE flags.
Which kernel/distro needs to be run to make use of MTE?
It looks like MTE is disabled by default in the firmware.
1 Like
Yes we do! Your distro needs to have glibc (or whatever libc you are using) compiled to support it, and the feature needs to be enabled in firmware. Then it needs to be turned on for userspace applications - and at least for Linux distros, it only affects heap allocations and not stack frames (it is possible to tag stack frames too, but that requires recompiling the software for that platform, and Linux distros have not done that - however, Fedora 39 and later support MTE in glibc, and you can turn it on for the entire system by setting the GLIBC_TUNABLES environment variable to glibc.mem.tagging=3. I have a blog post in progress on userspace impact of AmpereOne features (including MTE, MPAM, and nested virt - the latter of which is not yet fully supported in the Linux kernel for arm64) and how to use them.
Update: Blog post now available! Empowering Developers and Fueling AI Adoption with AmpereOne® Design Innovations (title not mine, I’m not sure what the content has to do with AI innovation).
Hi @dneary,
This isn’t working for me on AmpereOneX running Fedora 42 when using glibc.mem.tagging=3 using the example at Arm provided at Build and run an example application to learn about MTE | Arm Learning Paths. On my system, mte isn’t listed in /proc/cpuinfo.
@hrw here’s core 0’s /proc/cpuinfo from this system
processor : 0
BogoMIPS : 2000.00
Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm jscvt fcma lrcpc dcpop sha3 sm3 sm4 asimddp sha512 asimdfhm dit uscat ilrcpc flagm ssbs sb paca pacg dcpodp flagm2 frint i8mm bf16 rng
bti ecv
CPU implementer : 0xc0
CPU architecture: 8
CPU variant : 0x0
CPU part : 0xac4
CPU revision : 0
Yeah - Bex pointed out that it’s disabled by default - I’d love to document how end users can enable it, but it’s not a BIOS flag - I think you might need a special firmware tool. I’d love to get good information on how to turn the feature on - anyone here know how?
1 Like
…and I think I found an answer! To enable MTE, you need to use the Ampere Computing NVparam tool. In order to enable MTE, you must set the NVparam option 56 (for MTE) to 0x01.
But I am not an expert, and changing NVparam options can break things - I will try to get a more definitive answer and include it in a tutorial around using MTE.
1 Like
Hi @dneary, do you by any chance have more info on how exactly to enable this option? I assume it’s from the BMC console? Thanks!
Hi,
I am still looking into it - apparently the NVP tool I pointed to above is not necessarily the right one for AmpereOne ac04 CPUs - and I am still looking for a public resource documenting NVParams and how to change them as an end user - apparently, modifying these options is typically something that is done by OEMs and ODMs (as I understand it).
Thanks,
Dave.
1 Like
Thanks! I had no luck either finding public documentation. I have already opened a ticket with the Ampere Support, but so far, they have not responded. If I receive further info, I will share it here.
Just to let you all know, I’m trying to get public documentation for NVParams for AmpereOne, and the tool you can use to modify them - but as this was primarily intended as an interface for ODMs, this does not exist yet.
2 Likes