Tagged virtual addresses in AArch64 Linux
=========================================

Author: Will Deacon <will.deacon@arm.com>
Date  : 12 June 2013

This document briefly describes the provision of tagged virtual
addresses in the AArch64 translation system and their potential uses
in AArch64 Linux.

The kernel configures the translation tables so that translations made
via TTBR0 (i.e. userspace mappings) have the top byte (bits 63:56) of
the virtual address ignored by the translation hardware. This frees up
this byte for application use.


Passing tagged addresses to the kernel
--------------------------------------

All interpretation of userspace memory addresses by the kernel assumes
an address tag of 0x00.

This includes, but is not limited to, addresses found in:

 - pointer arguments to system calls, including pointers in structures
   passed to system calls,

 - the stack pointer (sp), e.g. when interpreting it to deliver a
   signal,

 - the frame pointer (x29) and frame records, e.g. when interpreting
   them to generate a backtrace or call graph.

Using non-zero address tags in any of these locations may result in an
error code being returned, a (fatal) signal being raised, or other modes
of failure.

For these reasons, passing non-zero address tags to the kernel via
system calls is forbidden, and using a non-zero address tag for sp is
strongly discouraged.

Programs maintaining a frame pointer and frame records that use non-zero
address tags may suffer impaired or inaccurate debug and profiling
visibility.


Preserving tags
---------------

Non-zero tags are not preserved when delivering signals. This means that
signal handlers in applications making use of tags cannot rely on the
tag information for user virtual addresses being maintained for fields
inside siginfo_t. One exception to this rule is for signals raised in
response to watchpoint debug exceptions, where the tag information will
be preserved.

The architecture prevents the use of a tagged PC, so the upper byte will
be set to a sign-extension of bit 55 on exception return.


Other considerations
--------------------

Special care should be taken when using tagged pointers, since it is
likely that C compilers will not hazard two virtual addresses differing
only in the upper byte.
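
The rules above, as an added example that is not part of the original
kernel document: C helpers that keep a tag in bits 63:56 of a user
address held as an integer, clear it before the address reaches a system
call, and compute the sign-extension of bit 55 described for the PC.
The helper names, the write_tagged() wrapper and the tag values are
assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

#define TAG_SHIFT 56
#define TAG_MASK  ((uint64_t)0xff << TAG_SHIFT)   /* bits 63:56 */

/* Store an 8-bit tag in the top byte of a user address. */
static uint64_t tag_set(uint64_t addr, uint8_t tag)
{
    return (addr & ~TAG_MASK) | ((uint64_t)tag << TAG_SHIFT);
}

static uint8_t tag_get(uint64_t addr) { return (uint8_t)(addr >> TAG_SHIFT); }

/* Tag 0x00 form: the only form the kernel interprets (syscall args, sp, x29). */
static uint64_t tag_strip(uint64_t addr) { return addr & ~TAG_MASK; }

/* Top byte as a sign-extension of bit 55, as described for the PC. */
static uint64_t pc_canonical(uint64_t addr)
{
    return (addr & (1ULL << 55)) ? (addr | TAG_MASK) : (addr & ~TAG_MASK);
}

/* Two tagged values name the same memory when the translated bits match. */
static int same_location(uint64_t a, uint64_t b)
{
    return tag_strip(a) == tag_strip(b);
}

/* Hypothetical wrapper: clear the tag before the pointer reaches write(2). */
static ssize_t write_tagged(int fd, uint64_t tagged_buf, size_t len)
{
    return write(fd, (const void *)(uintptr_t)tag_strip(tagged_buf), len);
}

int main(void)
{
    static const char msg[] = "tag cleared before syscall\n";
    uint64_t p = tag_set((uint64_t)(uintptr_t)msg, 0x2a);  /* constructed tag */
    uint64_t q = tag_set((uint64_t)(uintptr_t)msg, 0x7f);

    printf("tags %#x/%#x, equal=%d, same_location=%d\n",
           (unsigned)tag_get(p), (unsigned)tag_get(q), p == q, same_location(p, q));
    fflush(stdout);
    return write_tagged(STDOUT_FILENO, p, sizeof(msg) - 1) < 0;
}
```

The tagged values are never dereferenced here, so the program behaves
the same on hosts whose translation hardware does not ignore the top
byte.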