Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp2136707ybb;
        Thu, 2 Apr 2020 13:56:52 -0700 (PDT)
X-Google-Smtp-Source: APiQypLDUkn+tymYu0QL51plu2nwCgl2kdiqrr+tXyfgJGeM5KIYO6I+DsNCVcx4BxeNNz4300ya
X-Received: by 2002:a9d:220e:: with SMTP id o14mr3805218ota.88.1585861011941;
        Thu, 02 Apr 2020 13:56:51 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1585861011; cv=none;
        d=google.com; s=arc-20160816;
        b=W7JyomDG8uaz5tEWEVu9UKqId3NqKBbRFDtsUj9hBQIo6PDeDyfRyOVkBO47fpT3KX
         N0z29YAm+eOawP+mS6vzIc/h7ilcLgHHip1K3IjfhmkO9IDmGnb9NswyCXLW/pNUF7Xc
         h6AVqocRAk+GE0Zgwfn6kqVWMc7yextochRHCliOIfiQ+vpoYaKoOHPdvdPSnEAThkre
         vPuqi6QZC+HfrudOygxK9i9i9R7Mk3R2jlVSaU1pK8P8H0fXnlriwwzXfxASqdFe0c2J
         Emnisgon6ECjv29KlLRgjVkwFV8H2VbwHX2/42d7ZNlOspL2Z8+ySwI+e4iwQ9ZgZAJo
         JH3Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=YR/nUD2Z88aJr6Pg6Jbj/uRmXq5/iJdtBPPDjhYxa08=;
        b=PekzmSXNBMn6WKUx4th5/Pkmr5Yltu0krDEWHHADt0Ro2DCTmmD4GJ1vTSIBUOMd+m
         NO0YGB8huBw2Fh5Cnxnjm4aH4414slEJhsYwELpip53Z4Lr/7HjkkK5VWVvS/DqTzrbj
         GCuBVAbIPto7hYyl7rWGMTYxFevXvt374Mx9lQ554P/8nZvbFJ2j6/Nu/ZUYjVHsFevs
         uZJZHpp4ryF/8lFF6uNYy7j7eL5gcNNWmJHtqkjI9H8Vp2rDgfuCzlwzreHxxPSeyTNL
         m89jH98Buh0lq5TlmcGMgYhPxbTHDY9se3/mXaI6wmkrKEcupK6AvCCSI9irLLhaiXQQ
         oNVA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linux-foundation.org header.s=google header.b=dq1Xt42z;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id k39si3010048otk.255.2020.04.02.13.56.39;
        Thu, 02 Apr 2020 13:56:51 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linux-foundation.org header.s=google header.b=dq1Xt42z;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2388872AbgDBUrs (ORCPT <rfc822;bowenwang.tinker@gmail.com>
        + 99 others); Thu, 2 Apr 2020 16:47:48 -0400
Received: from mail-lj1-f194.google.com ([209.85.208.194]:45323 "EHLO
        mail-lj1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1730837AbgDBUrs (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 2 Apr 2020 16:47:48 -0400
Received: by mail-lj1-f194.google.com with SMTP id t17so4704565ljc.12
        for <linux-kernel@vger.kernel.org>; Thu, 02 Apr 2020 13:47:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linux-foundation.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=YR/nUD2Z88aJr6Pg6Jbj/uRmXq5/iJdtBPPDjhYxa08=;
        b=dq1Xt42zOdAJ9Qswqhw3DC5ZWJPx708kVOLPio6Z4i5kSkx4SK5PaEo/6koIh9QTi0
         yfOTVpLmbl4n8jtyb/2WcDEO7fuXO+AAVPX7mMUJ0v/+lRQnPhNsNuau5SsaccYONsWw
         LhoxKSxXEV20XpXwx2ctLh7uQXRBDSE3iznhk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=YR/nUD2Z88aJr6Pg6Jbj/uRmXq5/iJdtBPPDjhYxa08=;
        b=f1WURXUim2emqzM4ALnN/k6AYOrRtXQT3TFoBpEnBo3JFPGF1JbNPPc+uWB8juTOCz
         O2Au01BblxbukRGw3EKG6T+7zD+PoScjG0OwEF6gt2YSBP/gTFkmL/tjvUr72Zf3VbuH
         60+946O7MiRQ5UkxT3fhXoT023oMgTnxPAIulJRZuUTzy58e5iXuuql3DDF+9IdG1FuG
         PkHZMuNKyh88wxSV+TAFkjQb/IfqUOsvmbIp4PJlMJ3GR6PhQBOueerWZa6NGaRYTYLt
         q1TPZ8VulnqDoH8awOXQEPLh4th5WUh/O7l/b0025qWzm+nruB3wU0BbZk2mCdKeY4Qv
         FCUg==
X-Gm-Message-State: AGi0PuZo0mGlWldjT85byvEh4nW6S78Ika3yIcHgrehvm/yLZnKKK9i1
        Gd/qnE8kH1mkbTw9P+V15bMl9Do/nM4=
X-Received: by 2002:a05:651c:552:: with SMTP id q18mr3182064ljp.1.1585860463687;
        Thu, 02 Apr 2020 13:47:43 -0700 (PDT)
Received: from mail-lf1-f51.google.com (mail-lf1-f51.google.com. [209.85.167.51])
        by smtp.gmail.com with ESMTPSA id l7sm4919204lfg.79.2020.04.02.13.47.40
        for <linux-kernel@vger.kernel.org>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Thu, 02 Apr 2020 13:47:41 -0700 (PDT)
Received: by mail-lf1-f51.google.com with SMTP id t11so3936891lfe.4
        for <linux-kernel@vger.kernel.org>; Thu, 02 Apr 2020 13:47:40 -0700 (PDT)
X-Received: by 2002:ac2:5e70:: with SMTP id a16mr3290368lfr.152.1585860460299;
 Thu, 02 Apr 2020 13:47:40 -0700 (PDT)
MIME-Version: 1.0
References: <27106d62fdbd4ffb47796236050e418131cb837f.1585811416.git.christophe.leroy@c-s.fr>
 <20200402162942.GG23230@ZenIV.linux.org.uk> <67e21b65-0e2d-7ca5-7518-cec1b7abc46c@c-s.fr>
 <20200402175032.GH23230@ZenIV.linux.org.uk> <202004021132.813F8E88@keescook>
 <CAHk-=wg9cSm=AjPmkasNHBDwuW4D10jszjv6EeCKp8V9Qbx2hg@mail.gmail.com> <202004021322.5F80467@keescook>
In-Reply-To: <202004021322.5F80467@keescook>
From:   Linus Torvalds <torvalds@linux-foundation.org>
Date:   Thu, 2 Apr 2020 13:47:24 -0700
X-Gmail-Original-Message-ID: <CAHk-=wjUfAsepavvy2vsnyOv06yeYBMumSeb+dzDSnJXkX7qPQ@mail.gmail.com>
Message-ID: <CAHk-=wjUfAsepavvy2vsnyOv06yeYBMumSeb+dzDSnJXkX7qPQ@mail.gmail.com>
Subject: Re: [PATCH RESEND 1/4] uaccess: Add user_read_access_begin/end and user_write_access_begin/end
To:     Kees Cook <keescook@chromium.org>
Cc:     Al Viro <viro@zeniv.linux.org.uk>,
        Christophe Leroy <christophe.leroy@c-s.fr>,
        Benjamin Herrenschmidt <benh@kernel.crashing.org>,
        Paul Mackerras <paulus@samba.org>,
        Michael Ellerman <mpe@ellerman.id.au>,
        Dave Airlie <airlied@linux.ie>,
        Daniel Vetter <daniel@ffwll.ch>,
        Andrew Morton <akpm@linux-foundation.org>,
        Peter Anvin <hpa@zytor.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        linuxppc-dev <linuxppc-dev@lists.ozlabs.org>,
        Linux-MM <linux-mm@kvack.org>,
        linux-arch <linux-arch@vger.kernel.org>,
        Russell King <linux@armlinux.org.uk>,
        Christian Borntraeger <borntraeger@de.ibm.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Apr 2, 2020 at 1:27 PM Kees Cook <keescook@chromium.org> wrote:
>
> I was just speaking to design principles in this area: if the "enable"
> is called when already enabled, Something Is Wrong. :)

Well, the "something is wrong" could easily be "the hardware does not
support this".

I'm not at all interested in the crazy code to do this in software.
Nobody sane should ever do that.

Yes, I realize that PaX did software emulation of things like that,
and it was one of the reasons why it was never useful to any normal
use.

Security is not an end goal in itself, it's always secondary to "can I
use this".

Security that means "normal people can't use this, it's only for the
special l33t users" is not security, it's garbage. That "do page
tables in software" was a prime example of garbage.

               Linus