Re: [PATCH] kernel: sys: fix potential Spectre v1
From: Dan Williams
Date: Wed May 23 2018 - 09:02:29 EST
On Wed, May 23, 2018 at 2:08 AM, Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
>
> Sorry for being late to the party..
>
> On Wed, May 23, 2018 at 12:03:57AM -0500, Gustavo A. R. Silva wrote:
>
>> +#define validate_index_nospec(index, size) \
>> +({ \
>> + bool ret = true; \
>> + typeof(index) *ptr = &(index); \
>> + typeof(size) _s = (size); \
>> + \
>> + BUILD_BUG_ON(sizeof(*ptr) > sizeof(long)); \
>> + BUILD_BUG_ON(sizeof(_s) > sizeof(long)); \
>> + \
>> + if (*ptr >= size) \
>> + ret = false; \
>> + \
>> + *ptr = array_index_nospec(*ptr, _s); \
>> + \
>> + ret; \
>> +})
>
> Would not something like:
>
> bool ret = false;
>
> ....
>
> if (*ptr < _s) {
> *ptr = array_index_nospec(*ptr, _s);
> ret = true;
> }
>
> ret;
>
> be more obvious?
Yes, that looks even better to me.