| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9f4e874a-89d0-4915-ac53-cf5449d9762b@linux.ibm.com>
Date: Thu, 13 Nov 2025 11:40:42 +0530
From: Madhavan Srinivasan <maddy@...ux.ibm.com>
To: Christophe Leroy <christophe.leroy@...roup.eu>,
Alexander Viro <viro@...iv.linux.org.uk>,
Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>,
Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Darren Hart <dvhart@...radead.org>,
Davidlohr Bueso <dave@...olabs.net>,
Andre Almeida <andrealmeid@...lia.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Eric Dumazet
<edumazet@...gle.com>,
Kuniyuki Iwashima <kuniyu@...gle.com>, Paolo Abeni <pabeni@...hat.com>,
Willem de Bruijn <willemb@...gle.com>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>, Simon Horman <horms@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Michael Ellerman <mpe@...erman.id.au>,
Nicholas Piggin <npiggin@...il.com>
Cc: linux-block@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
linuxppc-dev@...ts.ozlabs.org
Subject: Re: [PATCH v4 00/10] powerpc: Implement masked user access
On 11/6/25 5:01 PM, Christophe Leroy wrote:
> This is a rebase on top of commit 6ec821f050e2 (tag: core-scoped-uaccess)
> from tip tree.
>
> Thomas, Peter, could you please take non-powerpc patches (1, 2, 3)
> in tip tree for v6.19, then Maddy will take powerpc patches (4-10)
> into powerpc-next for v6.20.
Thomas/Peter,
If you can please take non-powerpc patches in this series
in v6.19, I will park the rest of the series (4-10)
to the v6.20 merge.
Maddy
>
> Masked user access avoids the address/size verification by access_ok().
> Allthough its main purpose is to skip the speculation in the
> verification of user address and size hence avoid the need of spec
> mitigation, it also has the advantage to reduce the amount of
> instructions needed so it also benefits to platforms that don't
> need speculation mitigation, especially when the size of the copy is
> not know at build time.
>
> Patches 1,2,4 are cleaning up some redundant barrier_nospec()
> introduced by commit 74e19ef0ff80 ("uaccess: Add speculation barrier
> to copy_from_user()"). To do that, a speculation barrier is added to
> copy_from_user_iter() so that the barrier in powerpc raw_copy_from_user()
> which is redundant with the one in copy_from_user() can be removed. To
> avoid impacting x86, copy_from_user_iter() is first converted to using
> masked user access.
>
> Patch 3 replaces wrong calls to masked_user_access_begin() with calls
> to masked_user_read_access_begin() and masked_user_write_access_begin()
> to match with user_read_access_end() and user_write_access_end().
>
> Patches 5,6,7 are cleaning up powerpc uaccess functions.
>
> Patches 8 and 9 prepare powerpc/32 for the necessary gap at the top
> of userspace.
>
> Last patch implements masked user access.
>
> Changes in v4:
> - Rebased on top of commit 6ec821f050e2 (tag: core-scoped-uaccess) from tip tree
> - Patch 3: Simplified as masked_user_read_access_begin() and masked_user_write_access_begin() are already there.
> - Patch 10: Simplified mask_user_address_simple() as suggested by Gabriel.
>
> Changes in v3:
> - Rebased on top of v6.18-rc1
> - Patch 3: Impact on recently modified net/core/scm.c
> - Patch 10: Rewrite mask_user_address_simple() for a smaller result on powerpc64, suggested by Gabriel
>
> Changes in v2:
> - Converted copy_from_user_iter() to using masked user access.
> - Cleaned up powerpc uaccess function to minimise code duplication
> when adding masked user access
> - Automated TASK_SIZE calculation to minimise use of BUILD_BUG_ON()
> - Tried to make some commit messages more clean based on feedback from
> version 1 of the series.
>
> Christophe Leroy (10):
> iter: Avoid barrier_nospec() in copy_from_user_iter()
> uaccess: Add speculation barrier to copy_from_user_iter()
> uaccess: Use masked_user_{read/write}_access_begin when required
> powerpc/uaccess: Move barrier_nospec() out of
> allow_read_{from/write}_user()
> powerpc/uaccess: Remove unused size and from parameters from
> allow_access_user()
> powerpc/uaccess: Remove
> {allow/prevent}_{read/write/read_write}_{from/to/}_user()
> powerpc/uaccess: Refactor user_{read/write/}_access_begin()
> powerpc/32s: Fix segments setup when TASK_SIZE is not a multiple of
> 256M
> powerpc/32: Automatically adapt TASK_SIZE based on constraints
> powerpc/uaccess: Implement masked user access
>
> arch/powerpc/Kconfig | 3 +-
> arch/powerpc/include/asm/barrier.h | 2 +-
> arch/powerpc/include/asm/book3s/32/kup.h | 3 +-
> arch/powerpc/include/asm/book3s/32/mmu-hash.h | 5 +-
> arch/powerpc/include/asm/book3s/32/pgtable.h | 4 -
> arch/powerpc/include/asm/book3s/64/kup.h | 6 +-
> arch/powerpc/include/asm/kup.h | 52 +------
> arch/powerpc/include/asm/nohash/32/kup-8xx.h | 3 +-
> arch/powerpc/include/asm/nohash/32/mmu-8xx.h | 4 -
> arch/powerpc/include/asm/nohash/kup-booke.h | 3 +-
> arch/powerpc/include/asm/task_size_32.h | 28 +++-
> arch/powerpc/include/asm/uaccess.h | 132 +++++++++++++-----
> arch/powerpc/kernel/asm-offsets.c | 2 +-
> arch/powerpc/kernel/head_book3s_32.S | 6 +-
> arch/powerpc/mm/book3s32/mmu.c | 4 +-
> arch/powerpc/mm/mem.c | 2 -
> arch/powerpc/mm/nohash/8xx.c | 2 -
> arch/powerpc/mm/ptdump/segment_regs.c | 2 +-
> lib/iov_iter.c | 22 ++-
> lib/strncpy_from_user.c | 2 +-
> lib/strnlen_user.c | 2 +-
> net/core/scm.c | 2 +-
> 22 files changed, 161 insertions(+), 130 deletions(-)
>
Powered by blists - more mailing lists