Re: [RFC PATCH for 4.18] rseq: use __u64 for rseq_cs fields, validate user inputs

From: Linus Torvalds
Date: Mon Jul 02 2018 - 22:18:55 EST

Next message: Masahiro Yamada: "Re: [PATCH] gcc-plugins: remove unused GCC_PLUGIN_SUBDIR"
Previous message: Kees Cook: "Re: [PATCH] gcc-plugins: remove unused GCC_PLUGIN_SUBDIR"
In reply to: Mathieu Desnoyers: "Re: [RFC PATCH for 4.18] rseq: use __u64 for rseq_cs fields, validate user inputs"
Next in thread: Mathieu Desnoyers: "Re: [RFC PATCH for 4.18] rseq: use __u64 for rseq_cs fields, validate user inputs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 2, 2018 at 7:01 PM Mathieu Desnoyers
<mathieu.desnoyers@xxxxxxxxxxxx> wrote:
>
> One thing to consider is how we will implement the load of that pointer
> on the kernel side.

Use "get_user()". It works for 64-bit objects too, and it will be
atomic in the 32-bit sub-parts on a 32-bit architecture.

Again: there is no point in trying to be atomic in the full 64 bits
(when you're running on 32-bit). The upper bits don't have to "match"
the lower bits. They just have to be zero. So doing it as two loads is
fine - the same way it's perfectly fine to do it as two stores (since
the store to the upper bits will always be zero).

Linus

Next message: Masahiro Yamada: "Re: [PATCH] gcc-plugins: remove unused GCC_PLUGIN_SUBDIR"
Previous message: Kees Cook: "Re: [PATCH] gcc-plugins: remove unused GCC_PLUGIN_SUBDIR"
In reply to: Mathieu Desnoyers: "Re: [RFC PATCH for 4.18] rseq: use __u64 for rseq_cs fields, validate user inputs"
Next in thread: Mathieu Desnoyers: "Re: [RFC PATCH for 4.18] rseq: use __u64 for rseq_cs fields, validate user inputs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]