Re: [PATCH] x86/uaccess: Use pointer masking to limit uaccess speculation

From: Mark Rutland
Date: Wed Sep 02 2020 - 13:23:40 EST


On Wed, Sep 02, 2020 at 03:32:31PM +0200, Christoph Hellwig wrote:
> On Wed, Sep 02, 2020 at 12:43:48PM +0100, Mark Rutland wrote:
> > I'll see what I can do.
> >
> > At first glance it looks like we might need to flesh out or refactor the
> > arm64 kernel maccess routines first (since we want the user maccess
> > routines to use LDTR/STTR instructions that can't access kernel memory),
> > but after that I think the rest is largely mechanical.
>
> Yes, the first thing is to implement __get_kernel_nofaul and
> __put_kernel_nofault. I think they should mostly look like the existing
> non-UAO versions of get_user and put_user with a fixed address space
> limit.

I've pushed an initial/incomplete/WIP stab (just the kernel accessors)
to:

https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/set_fs-removal

... and doing that made it clear that the necessary arm64 rework is a
bit more fractal than I thought (e.g. SDEI bits), so it might be a short
while before I post a series.

It might be handy to have a stable branch with the common bits so that
the arm64 rework could go via the arm64 tree in case there's any
fallout.

Thanks for all of this!

Mark.