On Sat, 12 Oct 2024 at 07:21, Borislav Petkov <b...@alien8.de> wrote:
>
> Commit
>
> 2865baf54077 ("x86: support user address masking instead of
> non-speculative conditional")
No.
Thos started long before. Again, see commit b19b74bc99b1 ("x86/mm:
Rework address range check in get_user() and put_user()") and the code
it generates.
get_user() results in a plain calls to __get_user_X, where X is the
size. No barriers. And __get_user_X() does that exact same thing.
And no, your suggested patch looks very suspicious:
+#define mask_user_address(x) ((typeof(x)) \
+ ((long)(x) | ((long)(x) << (63 -
__VIRTUAL_MASK_SHIFT) >> 63)))
that does no masking at all on a kernel address, so you can feed it
random kernel addresses and it will just access them,
Linus
