Received: by 2002:a05:6a10:7420:0:0:0:0 with SMTP id hk32csp1077794pxb; Thu, 17 Feb 2022 23:33:03 -0800 (PST) X-Google-Smtp-Source: ABdhPJx1h9p1UQldIsYIuedFaHdxMSD0fDmS6ppRe8IN4dgNuXBxHKcRWzK4YxTeB23Lj9gj3rRw X-Received: by 2002:a17:906:6dc6:b0:6cf:ea5a:fcc0 with SMTP id j6-20020a1709066dc600b006cfea5afcc0mr5278722ejt.326.1645169583217; Thu, 17 Feb 2022 23:33:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1645169583; cv=none; d=google.com; s=arc-20160816; b=RYIrIzVRu558ORPSoGMg+PuJ7x/yLgvW015hLO8DhMwo+0uCS38zl/K+5W1E3PGVk7 3K4ovpdtA1NAM8OBBTZxQlDYtS0fFN/eJaxSA/xZ5Q8NoAjdgBJCMIn/6Dz7RZGKUyZq SZ//Ju53cj6c3Cnx33ubTjkNqCo0rHR6fXsY93nd00diBS59sajYmflS17IdC1Mu2Zej jpETjWJQlxRBRDyNvEaC9DElYmQQ94TiEI/R4iTtmYID5xkqPLVRxVi6NCyHYEau5sgj /YP3bpMMxA80GUjK2bkz17GNwGPDdkZvf+3DEjGBAPqtQiVlqDUi6iPG0QFtO0AbcseC ZnTw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=nSpGQ1R1B7j1/3Z+9x4Tn5S4tRJWB8ZqXyufW3Tp4SQ=; b=fvLjEHr61U7szvW8ZUHCiBH+hhpOBuE/srjQb+TGFBktpwEJLIJic9OY8TgZAYUp8Q 1o+Hnr5sJDGIGlE70mf6q4rfcgXrpSzDuxiWdF8TUJmkwZs20+X9KuIoaofB1qiKuq+F Xkj4glboj45UVROqhWCtVtRshaLoas2H/npS1iVpPp+9cWVORH4hPIUy/SWQc4/r7EJK oqR2H3NPmUexIdHHPWHpNWQafJAM9DnzIGctctFUlxdrBzkYkbpBWhAemwcnvBLGGBgJ XMEVGr5jbeejbw1p4E4sITvJ9wtwBsR8qDgciKo+lQj+MsSU1AH7zLriDcQZ1ZpTn0mb 2e3A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=E7Qj225L; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r25si3188573ejc.298.2022.02.17.23.32.39; Thu, 17 Feb 2022 23:33:03 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=E7Qj225L; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231933AbiBRHQ4 (ORCPT + 99 others); Fri, 18 Feb 2022 02:16:56 -0500 Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:39798 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230301AbiBRHQs (ORCPT ); Fri, 18 Feb 2022 02:16:48 -0500 Received: from sin.source.kernel.org (sin.source.kernel.org [IPv6:2604:1380:40e1:4800::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1F4BF65A8; Thu, 17 Feb 2022 23:16:32 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sin.source.kernel.org (Postfix) with ESMTPS id 7C91CCE30E4; Fri, 18 Feb 2022 07:16:30 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CC8D4C340F8; Fri, 18 Feb 2022 07:16:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1645168588; bh=q+jKWrJ4jJZ2v7I08P11+5fwNrVng4vZR8KgCaGgNp8=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=E7Qj225LkHl4vakpp/86Clw8A8aYCNcpfLrBP+VCQdOQM5BITuaFC8aajiIPA17sq QsQL+tpQFefxmctximGZjJghHIgDs0+5uBmhr8xxAaHPynJ3FAz/VvdJ7A4yiUcYzD cvOPc8xsA1RVRdeBpZvu7iuJPB2dq0pqYhhG0eac2ra/YlTXeM+fTnsQjW5NHDOU4h cinPsKBHoi0lD++02CV6Px7pd6xZwvcPqjj04/ifU1PciDsuXI0NkC0Bbm1nyirKYP OBBXTMFOAcsBgbQTb4NkJ7ZQ5y+D67DT81A8imqE8C6wMfM2VmNDYRx0F0jR7hwP1U QI8LFbE7ThFyQ== Received: by mail-wr1-f49.google.com with SMTP id u2so11800679wrw.1; Thu, 17 Feb 2022 23:16:28 -0800 (PST) X-Gm-Message-State: AOAM530sQq6ZE/FpybFbLJnHlqIh6oA16GB+v9iGa/uFpB4J+PGKTGoZ yb7tIC8BPN7oXsrpXUWxyzYBylNsZXJjxCUQhrs= X-Received: by 2002:adf:c406:0:b0:1e4:a5ae:34a3 with SMTP id v6-20020adfc406000000b001e4a5ae34a3mr5120080wrf.407.1645168587142; Thu, 17 Feb 2022 23:16:27 -0800 (PST) MIME-Version: 1.0 References: <20220216131332.1489939-1-arnd@kernel.org> <20220216131332.1489939-14-arnd@kernel.org> In-Reply-To: From: Arnd Bergmann Date: Fri, 18 Feb 2022 08:16:11 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2 13/18] uaccess: generalize access_ok() To: Andy Lutomirski Cc: Linus Torvalds , Christoph Hellwig , linux-arch , Linux-MM , Linux API , Arnd Bergmann , Linux Kernel Mailing List , Al Viro , Russell King - ARM Linux , Will Deacon , Guo Ren , Brian Cain , Geert Uytterhoeven , Michal Simek , Thomas Bogendoerfer , Nick Hu , Greentime Hu , Dinh Nguyen , Stafford Horne , Helge Deller , Michael Ellerman , Peter Zijlstra , Ingo Molnar , Mark Rutland , Heiko Carstens , Rich Felker , David Miller , Richard Weinberger , "the arch/x86 maintainers" , Max Filippov , "Eric W . Biederman" , Andrew Morton , Ard Biesheuvel , alpha , "open list:SYNOPSYS ARC ARCHITECTURE" , linux-csky@vger.kernel.org, "open list:QUALCOMM HEXAGON..." , linux-ia64@vger.kernel.org, linux-m68k , "open list:BROADCOM NVRAM DRIVER" , Openrisc , Parisc List , linuxppc-dev , linux-riscv , linux-s390 , Linux-sh list , sparclinux , linux-um , "open list:TENSILICA XTENSA PORT (xtensa)" Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-7.2 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Feb 17, 2022 at 8:15 PM Andy Lutomirski wrote: > > On Wed, Feb 16, 2022 at 5:19 AM Arnd Bergmann wrote: > > > > From: Arnd Bergmann > > > > There are many different ways that access_ok() is defined across > > architectures, but in the end, they all just compare against the > > user_addr_max() value or they accept anything. > > > > Provide one definition that works for most architectures, checking > > against TASK_SIZE_MAX for user processes or skipping the check inside > > of uaccess_kernel() sections. > > > > For architectures without CONFIG_SET_FS(), this should be the fastest > > check, as it comes down to a single comparison of a pointer against a > > compile-time constant, while the architecture specific versions tend to > > do something more complex for historic reasons or get something wrong. > > This isn't actually optimal. On x86, TASK_SIZE_MAX is a bizarre > constant that has a very specific value to work around a bug^Wdesign > error^Wfeature of Intel CPUs. TASK_SIZE_MAX is the maximum address at > which userspace is permitted to allocate memory, but there is a huge > gap between user and kernel addresses, and any value in the gap would > be adequate for the comparison. If we wanted to optimize this, simply > checking the high bit (which x86 can do without any immediate > constants at all) would be sufficient and, for an access known to fit > in 32 bits, one could get even fancier and completely ignore the size > of the access. (For accesses not known to fit in 32 bits, I suspect > some creativity could still come up with a construction that's > substantially faster than the one in your patch.) > > So there's plenty of room for optimization here. > > (This is not in any respect a NAK -- it's just an observation that > this could be even better.) Thank you for taking a look! As you can see in the patch that changes the algorithm on x86 [1], it was already using TASK_SIZE_MAX as the limit, only the order in which the comparison is done, hopefully leading to better code already. I have looked at trivial examples on x86 that showed an improvement for constant sizes, but only looked at arm64 in detail for the overall result. It may be worth checking if using LONG_MAX as the limit produces better code, but it's probably best to do the optimization in the common code in a portable way to keep it from diverging again. Arnd [1] https://lore.kernel.org/lkml/20220216131332.1489939-7-arnd@kernel.org/