Received: by 10.223.148.5 with SMTP id 5csp6312106wrq; Wed, 17 Jan 2018 12:06:44 -0800 (PST) X-Google-Smtp-Source: ACJfBotVPqlXB0FAgyx5TkDdNFamALscdUw4BVN1ekHV+fIzEqT7ZSSaOEcLh3Rdo2vU9vtaEhKi X-Received: by 10.99.127.24 with SMTP id a24mr30955784pgd.225.1516219604291; Wed, 17 Jan 2018 12:06:44 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516219604; cv=none; d=google.com; s=arc-20160816; b=ZQx5AkC65qVdOQenFb4S2Af/ff5jJGh3RbJS12gVxH98KH3OLsOYy/3CYaHogtYXUY xyQVop3Tzu8TI0zYVdQAJeIWXzv6SBhVbt2Zg2u+sXuwIu9w/blY/jW/ZhBPD493ir1S t/nCTE0wO0XjpjrWg48cNm6YDkuGkOiu2f397+8wk2P7wjyLKvRR3jqfU3QZST4VDDka ocrm4KNch7GKFYRhKdJwPvcjlCnGLovQAPxaP+3Y3c4XuvulBsNCEiNahSdl5FfDcrrP da5gpOCxblTSxQrzowHW8t7la7j6QC6Ljz6Wbnx139tih6d0NFPbu33565YJ724BfZ2r yOsA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=A2CeSfHamiC5zDYLZZy+VFk++lyHszKYe+ZoRjlws7s=; b=JChDRCUBhBqXbGGAjSt/UGToGcqbYFscz4lcNE79dYqg2He7b2lIXhD7qLVarfuYvd OyZbE135tdk2+xWDQqLZhPKHz7Yymdhiikvwi77+CR4o1uCNF/rDa1B76n08/BpPKHlN 32gXcTkBU95lZFc9os/Ltk/yoDpY7Z5YfZq2sKJUxMPVcvGbYYM9eFb3AiVN7eLbcRPT BH6YnxOy2vR7jEdV5ylScSbCuN0kmte3oUJv6ewB96cjsEVtkX68eslxFdIlprhNd+uM TQ/ZdDQDG9vip0HjkNcKbqlaQ6CzdcdmzU0+ZFFOgoA8AAlg6OljxuI6G1T2ahI5Xwwd ZlMw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b61si41776plc.265.2018.01.17.12.06.30; Wed, 17 Jan 2018 12:06:44 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753059AbeAQUFq (ORCPT + 99 others); Wed, 17 Jan 2018 15:05:46 -0500 Received: from zeniv.linux.org.uk ([195.92.253.2]:49364 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750872AbeAQUFp (ORCPT ); Wed, 17 Jan 2018 15:05:45 -0500 Received: from viro by ZenIV.linux.org.uk with local (Exim 4.87 #1 (Red Hat Linux)) id 1ebtxk-0004eL-L5; Wed, 17 Jan 2018 20:05:32 +0000 Date: Wed, 17 Jan 2018 20:05:32 +0000 From: Al Viro To: Dan Williams Cc: Alan Cox , Linus Torvalds , Linux Kernel Mailing List , linux-arch@vger.kernel.org, Andi Kleen , Kees Cook , kernel-hardening@lists.openwall.com, Greg Kroah-Hartman , the arch/x86 maintainers , Ingo Molnar , "H. Peter Anvin" , Thomas Gleixner , Andrew Morton Subject: Re: [PATCH v3 8/9] x86: use __uaccess_begin_nospec and ASM_IFENCE in get_user paths Message-ID: <20180117200532.GX13338@ZenIV.linux.org.uk> References: <151586744180.5820.13215059696964205856.stgit@dwillia2-desk3.amr.corp.intel.com> <151586748981.5820.14559543798744763404.stgit@dwillia2-desk3.amr.corp.intel.com> <1516198646.4184.13.camel@linux.intel.com> <20180117185232.GW13338@ZenIV.linux.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.1 (2017-09-22) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jan 17, 2018 at 11:54:12AM -0800, Dan Williams wrote: > On Wed, Jan 17, 2018 at 10:52 AM, Al Viro wrote: > > On Wed, Jan 17, 2018 at 02:17:26PM +0000, Alan Cox wrote: > [..] > > Incidentally, what about copy_to_iter() and friends? They > > check iov_iter flavour and go either into the "copy to kernel buffer" > > or "copy to userland" paths. Do we need to deal with mispredictions > > there? We are calling a bunch of those on read()... > > > > Those should be protected by the conversion of __uaccess_begin to > __uaccess_begin_nospec that includes the lfence. Huh? What the hell does it do to speculative execution of "memcpy those suckers" branch?