RE: [PATCH v4 3/4] x86/uaccess: Use pointer masking to limit uaccess speculation

From: David Laight
Date: Thu May 06 2021 - 03:57:52 EST


From: Linus Torvalds
> Sent: 05 May 2021 19:32
>
> On Wed, May 5, 2021 at 1:48 AM David Laight <David.Laight@xxxxxxxxxx> wrote:
> >
> > This would error requests for address 0 earlier - but I don't
> > believe they are ever valid in Linux.
> > (Some historic x86 a.out formats did load to address 0.)
>
> Not only loading at address 0 - there are various real reasons why
> address 0 might actually be needed.
>
> Anybody who still runs a 32-bit kernel and wants to use vm86 mode, for
> example, requires address 0 because that's simply how the hardware
> works.
>
> So no. "mask to zero and make zero invalid" is not a proper model.

I had my doubts.
But letting userspace map address zero has been a security problem.
It can turn a kernel panic into executing 'user' code with
supervisor permissions.

So I did wonder if it had been banned completely.

David
