For this week’s Weekend Read, where we are posting a link to Seema Mehta’s newly released video titled “Built-in Memory Tagging- Protect against malicious memory access”. Also there is a link to her blog post on the same topic.
So you got MTE in SoC?
I need updated /proc/cpuinfo then. So far my table shows only Tensor G3 with MTE.
ampere1a
adds support for MTE. ampere1
is AC03; ampere1a
is the AC04 core.
So it looks like my table needs changes.
Rename AmpereOne core to AC03 core, add AC04 one and then add Ampere1A SoC with it.
@bexcran: can you share Ampere1A /proc/cpuinfo?
I got Ampere1A /proc/cpuinfo in AmpereOne A192-32X · Issue #111 · hrw/arm-socs-table · GitHub and it lacks MTE flags.
Which kernel/distro needs to be run to make use of MTE?
It looks like MTE is disabled by default in the firmware.
Yes we do! Your distro needs to have glibc (or whatever libc you are using) compiled to support it, and then it needs to be turned on for userspace applications - and at least for Linux distros, it only affects heap allocations and not stack frames (it is possible to tag stack frames too, but that requires recompiling the software for that platform, and Linux distros have not done that - however, Fedora 39 and later support MTE in glibc, and you can turn it on for the entire system by setting the GLIBC_TUNABLES environment variable to glibc.mem.tagging=3
. I have a blog post in progress on userspace impact of AmpereOne features (including MTE, MPAM, and nested virt - the latter of which is not yet fully supported in the Linux kernel for arm64) and how to use them.