Re: [RFC PATCH for 4.18] rseq: use __u64 for rseq_cs fields, validate user inputs

From: Andy Lutomirski
Date: Mon Jul 02 2018 - 22:34:14 EST

On Mon, Jul 2, 2018 at 7:30 PM, Mathieu Desnoyers
<mathieu.desnoyers@xxxxxxxxxxxx> wrote:
> ----- On Jul 2, 2018, at 10:18 PM, Linus Torvalds torvalds@xxxxxxxxxxxxxxxxxxxx wrote:
>> On Mon, Jul 2, 2018 at 7:01 PM Mathieu Desnoyers
>> <mathieu.desnoyers@xxxxxxxxxxxx> wrote:
>>> One thing to consider is how we will implement the load of that pointer
>>> on the kernel side.
>> Use "get_user()". It works for 64-bit objects too, and it will be
>> atomic in the 32-bit sub-parts on a 32-bit architecture.
> Is it really ? Last time we had this discussion, not all architectures
> guaranteed that reading a 64-bit integer would happen in two atomic
> 32-bit sub-parts. This was the main motivation for the LINUX_FIELD_u32_u64()
> macro as it stands today (rather than using a union).

If you're nervous, you could do this by open-coding:

#if BITS_PER_LONG == 64

No need to make the header more complicated just for this.