Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <1516198646.4184.13.camel@linux.intel.com>
Date: Wed, 17 Jan 2018 14:17:26 +0000
From: Alan Cox <alan@...ux.intel.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>, Dan Williams
	 <dan.j.williams@...el.com>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, 
 linux-arch@...r.kernel.org, Andi Kleen <ak@...ux.intel.com>, Kees Cook
 <keescook@...omium.org>, kernel-hardening@...ts.openwall.com, Greg
 Kroah-Hartman <gregkh@...uxfoundation.org>, the arch/x86 maintainers
 <x86@...nel.org>, Ingo Molnar <mingo@...hat.com>, Al Viro
 <viro@...iv.linux.org.uk>, "H. Peter Anvin" <hpa@...or.com>, Thomas
 Gleixner <tglx@...utronix.de>, Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH v3 8/9] x86: use __uaccess_begin_nospec and ASM_IFENCE
 in get_user paths

On Tue, 2018-01-16 at 14:41 -0800, Linus Torvalds wrote:
> 
> 
> On Jan 16, 2018 14:23, "Dan Williams" <dan.j.williams@...el.com>
> wrote:
> > That said, for get_user specifically, can we do something even
> > cheaper. Dave H. reminds me that any valid user pointer that gets
> > past
> > the address limit check will have the high bit clear. So instead of
> > calculating a mask, just unconditionally clear the high bit. It
> > seems
> > worse case userspace can speculatively leak something that's
> > already
> > in its address space.
> 
> That's not at all true.
> 
> The address may be a kernel address. That's the whole point of
> 'set_fs()'.

Can we kill off the remaining users of set_fs() ?

Alan

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.