MIME-Version: 1.0
In-Reply-To: <20171214222439.rovm3t7iaakefati@hirez.programming.kicks-ass.net>
References: <20171214112726.742649793@infradead.org> <20171214113851.647809433@infradead.org>
 <CALCETrW0=FnqZMU_MLebyy5m7jj=w=yHYx=u6vghFkdmG7vsww@mail.gmail.com>
 <CA+55aFz71Ycm3oez30zOCztx1sio8ioy3VED2rE0ORoExXBz2g@mail.gmail.com>
 <CALCETrU8=z92_ZtwR9EO56eeOBE1LbxOqigZGO_yahmcM2dE_A@mail.gmail.com>
 <CA+55aFyNN4Lhf4RhL95oeGvfng=H4wKSA3-MwzMo=KpBocQ7bA@mail.gmail.com>
 <CA+55aFxmwpkDNT0YcaiG-BQ5SUT6h6YkevVfNkU_eY-F2E-h7Q@mail.gmail.com>
 <20171214220226.GL3326@worktop> <CA+55aFzT=+Vc75O8yjGYcSiWVVvrRMOZT2Ydhs7S=0RUAtscAA@mail.gmail.com>
 <20171214222439.rovm3t7iaakefati@hirez.programming.kicks-ass.net>
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Thu, 14 Dec 2017 14:52:58 -0800
Message-ID: <CA+55aFwgAn3aWRY9ZJS22pc0atHBzapiGBQ9bSWpPCk2hiGWDg@mail.gmail.com>
Subject: Re: [PATCH v2 11/17] selftests/x86/ldt_gdt: Prepare for access bit forced
To: Peter Zijlstra <peterz@infradead.org>
Cc: Andy Lutomirski <luto@kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Thomas Gleixner <tglx@linutronix.de>, X86 ML <x86@kernel.org>,
        Dave Hansen <dave.hansen@intel.com>, Borislav Petkov <bpetkov@suse.de>,
        Greg KH <gregkh@linuxfoundation.org>, Kees Cook <keescook@google.com>,
        Hugh Dickins <hughd@google.com>, Brian Gerst <brgerst@gmail.com>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Denys Vlasenko <dvlasenk@redhat.com>,
        Boris Ostrovsky <boris.ostrovsky@oracle.com>,
        Juergen Gross <jgross@suse.com>,
        David Laight <David.Laight@aculab.com>,
        Eduardo Valentin <eduval@amazon.com>,
        "Liguori, Anthony" <aliguori@amazon.com>,
        Will Deacon <will.deacon@arm.com>,
        "linux-mm@kvack.org" <linux-mm@kvack.org>,
        "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
        Dan Williams <dan.j.williams@intel.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 712
Lines: 23

On Thu, Dec 14, 2017 at 2:24 PM, Peter Zijlstra <peterz@infradead.org> wrote:
>
> get_user_pages_fast() (both of them) do indeed test access_ok(), but the
> regular get_user_pages() does not, I suspect because it can operate on a
> foreign mm.

That sounds wrong.

We actually had some very serious reasons why get_user_pages_fast()
needed to check access_ok().

I happen to forget what those reasons were, though.

My mind may be going.

But I think it was something like "you could walk off the page tables
because the undefined address range generates nonsensical values for
the pgd_offset() functions" etc.

But maybe the regular get_user_pages() has some other way to protect
against that.

          Linus