lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87jyzr9tuo.ffs@tglx>
Date: Sat, 15 Nov 2025 16:51:59 +0100
From: Thomas Gleixner <tglx@...utronix.de>
To: Christophe Leroy <christophe.leroy@...roup.eu>, Alexander Viro
 <viro@...iv.linux.org.uk>, Christian Brauner <brauner@...nel.org>, Jan
 Kara <jack@...e.cz>, Ingo Molnar <mingo@...hat.com>, Peter Zijlstra
 <peterz@...radead.org>, Darren Hart <dvhart@...radead.org>, Davidlohr
 Bueso <dave@...olabs.net>, Andre Almeida <andrealmeid@...lia.com>, Andrew
 Morton <akpm@...ux-foundation.org>, Eric Dumazet <edumazet@...gle.com>,
 Kuniyuki Iwashima <kuniyu@...gle.com>, Paolo Abeni <pabeni@...hat.com>,
 Willem de Bruijn <willemb@...gle.com>, "David S. Miller"
 <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Simon Horman
 <horms@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Dave Hansen
 <dave.hansen@...ux.intel.com>, Madhavan Srinivasan <maddy@...ux.ibm.com>,
 Michael Ellerman <mpe@...erman.id.au>, Nicholas Piggin <npiggin@...il.com>
Cc: Christophe Leroy <christophe.leroy@...roup.eu>,
 linux-block@...r.kernel.org, linux-fsdevel@...r.kernel.org,
 linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
 linuxppc-dev@...ts.ozlabs.org
Subject: Re: [PATCH v4 02/10] uaccess: Add speculation barrier to
 copy_from_user_iter()

On Thu, Nov 06 2025 at 12:31, Christophe Leroy wrote:
> The results of "access_ok()" can be mis-speculated.  The result is that
> you can end speculatively:
>
> 	if (access_ok(from, size))
> 		// Right here

This is actually the wrong patch ordering as the barrier is missing in
the current code. So please add the missing barrier first.

As a bonus the subject of the first patch makes actually sense
then. Right now it does not because there is nothing to avoid :)

Also please use the same prefix for these two patches which touch the
iter code.

> For the same reason as done in copy_from_user() by
> commit 74e19ef0ff80 ("uaccess: Add speculation barrier to
> copy_from_user()"), add a speculation barrier to copy_from_user_iter().
>
> See commit 74e19ef0ff80 ("uaccess: Add speculation barrier to
> copy_from_user()") for more details.

No need to repeat that. Anyone with more than two braincells can look at
that commit, which you mentioned already two lines above already.

Thanks,

        tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ