[PATCH] x86/uaccess: Avoid barrier_nospec() in copy_from_user()
Linus Torvalds
torvalds at linux-foundation.org
Sun Oct 13 11:53:19 AEDT 2024
On Sat, 12 Oct 2024 at 10:44, Linus Torvalds
<torvalds at linux-foundation.org> wrote:
>
> Anyway, what's the speculation window size like?
Note that this is important basically because we do *NOT* want to
check the address against TASK_SIZE_MAX like we used to, because not
only is TASK_SIZE_MAX not a compile-time constant, but with linear
address masking, people actually *want* to use addresses that are in
the non-canonical range.
IOW, see also
arch/x86/include/asm/uaccess_64.h
and notice how the x86-64 __access_ok() check *also_ does the whole
"top bit set" thing (iow, see __access_ok()).
IOW, this actually goes even further back than the commit I mentioned
earlier - it goes back to commit 6014bc27561f ("x86-64: make
access_ok() independent of LAM") because without the sign bit trick,
LAM is a complete disaster.
So no, the address masking can not depend on things like
__VIRTUAL_MASK_SHIFT, it would need to at least take LAM into account
too. Not that I know if there are any CPU's out there that actually
have LAM enabled.
Linus
More information about the Linuxppc-dev
mailing list