Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752193AbeADFuW (ORCPT + 1 other); Thu, 4 Jan 2018 00:50:22 -0500 Received: from zeniv.linux.org.uk ([195.92.253.2]:51324 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750896AbeADFuR (ORCPT ); Thu, 4 Jan 2018 00:50:17 -0500 Date: Thu, 4 Jan 2018 05:50:12 +0000 From: Al Viro To: Dan Williams Cc: "torvalds@linux-foundation.org" , "linux-kernel@vger.kernel.org" , "peterz@infradead.org" , "tglx@linutronix.de" , "alan@linux.intel.com" , "Reshetova, Elena" , "mark.rutland@arm.com" , "gnomes@lxorguk.ukuu.org.uk" , "gregkh@linuxfoundation.org" , "jikos@kernel.org" , "linux-arch@vger.kernel.org" Subject: Re: [RFC PATCH] asm/generic: introduce if_nospec and nospec_barrier Message-ID: <20180104055012.GD21978@ZenIV.linux.org.uk> References: <20180103223827.39601-1-mark.rutland@arm.com> <151502463248.33513.5960736946233335087.stgit@dwillia2-desk3.amr.corp.intel.com> <20180104010754.22ca6a74@alans-desktop> <1515035438.20588.4.camel@intel.com> <20180104044424.GC21978@ZenIV.linux.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.0 (2017-09-02) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Wed, Jan 03, 2018 at 09:44:33PM -0800, Dan Williams wrote: > On Wed, Jan 3, 2018 at 8:44 PM, Al Viro wrote: > > On Thu, Jan 04, 2018 at 03:10:51AM +0000, Williams, Dan J wrote: > > > >> diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h > >> index 1c65817673db..dbc12007da51 100644 > >> --- a/include/linux/fdtable.h > >> +++ b/include/linux/fdtable.h > >> @@ -82,8 +82,10 @@ static inline struct file *__fcheck_files(struct files_struct *files, unsigned i > >> { > >> struct fdtable *fdt = rcu_dereference_raw(files->fdt); > >> > >> - if (fd < fdt->max_fds) > >> + if (fd < fdt->max_fds) { > >> + osb(); > >> return rcu_dereference_raw(fdt->fd[fd]); > >> + } > >> return NULL; > >> } > > > > ... and the point of that would be? Possibly revealing the value of files->fdt? > > Why would that be a threat, assuming you manage to extract the information in > > question in the first place? > > No, the concern is that an fd value >= fdt->max_fds may cause the cpu > to read arbitrary memory addresses relative to files->fdt and > userspace can observe that it got loaded. Yes. And all that might reveal is the value of files->fdt. Who cares?