Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation

[PATCH v4 00/10] prevent bounds-check bypass via speculative execution · Dan Williams <hidden> · 2018-01-19
[PATCH v4 01/10] Documentation: document array_ptr · Dan Williams <hidden> · 2018-01-19
[PATCH v4 02/10] asm/nospec, array_ptr: sanitize speculative array de-references · Dan Williams <hidden> · 2018-01-19
Re: [kernel-hardening] [PATCH v4 02/10] asm/nospec, array_ptr: sanitize speculative array de-references · Jann Horn <jannh@google.com> · 2018-01-19
Re: [kernel-hardening] [PATCH v4 02/10] asm/nospec, array_ptr: sanitize speculative array de-references · Linus Torvalds <torvalds@linux-foundation.org> · 2018-01-19
Re: [kernel-hardening] [PATCH v4 02/10] asm/nospec, array_ptr: sanitize speculative array de-references · Dan Williams <hidden> · 2018-01-19
Re: [PATCH v4 02/10] asm/nospec, array_ptr: sanitize speculative array de-references · Cyril Novikov <hidden> · 2018-01-25
Re: [PATCH v4 02/10] asm/nospec, array_ptr: sanitize speculative array de-references · Dan Williams <hidden> · 2018-01-25
[PATCH v4 03/10] x86: implement array_ptr_mask() · Dan Williams <hidden> · 2018-01-19
[PATCH v4 04/10] x86: introduce __uaccess_begin_nospec and ifence · Dan Williams <hidden> · 2018-01-19
[PATCH v4 05/10] x86, __get_user: use __uaccess_begin_nospec · Dan Williams <hidden> · 2018-01-19
[PATCH v4 06/10] x86, get_user: use pointer masking to limit speculation · Dan Williams <hidden> · 2018-01-19
[PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Dan Williams <hidden> · 2018-01-19
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Jiri Slaby <hidden> · 2018-01-24
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Luis Henriques <hidden> · 2018-02-06
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Dan Williams <hidden> · 2018-02-06
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Linus Torvalds <torvalds@linux-foundation.org> · 2018-02-06
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Dan Williams <hidden> · 2018-02-06
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Linus Torvalds <torvalds@linux-foundation.org> · 2018-02-06
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Linus Torvalds <torvalds@linux-foundation.org> · 2018-02-06
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Andy Lutomirski <luto@kernel.org> · 2018-02-06
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Linus Torvalds <torvalds@linux-foundation.org> · 2018-02-06
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Dan Williams <hidden> · 2018-02-06
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Linus Torvalds <torvalds@linux-foundation.org> · 2018-02-06
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Dan Williams <hidden> · 2018-02-07
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Linus Torvalds <torvalds@linux-foundation.org> · 2018-02-07
Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read under speculation · Luis Henriques <hidden> · 2018-02-06
[PATCH v4 08/10] vfs, fdtable: prevent bounds-check bypass via speculative execution · Dan Williams <hidden> · 2018-01-19
[PATCH v4 10/10] nl80211: sanitize array index in parse_txq_params · Dan Williams <hidden> · 2018-01-19
Re: [PATCH v4 10/10] nl80211: sanitize array index in parse_txq_params · Johannes Berg <johannes@sipsolutions.net> · 2018-01-21
[PATCH v4 09/10] kvm, x86: fix spectre-v1 mitigation · Dan Williams <hidden> · 2018-01-19
Re: [PATCH v4 09/10] kvm, x86: fix spectre-v1 mitigation · Paolo Bonzini <pbonzini@redhat.com> · 2018-01-19
Re: [PATCH v4 00/10] prevent bounds-check bypass via speculative execution · Dan Williams <hidden> · 2018-01-20
Re: [PATCH v4 00/10] prevent bounds-check bypass via speculative execution · Alexei Starovoitov <hidden> · 2018-01-20
Re: [PATCH v4 00/10] prevent bounds-check bypass via speculative execution · Alexei Starovoitov <hidden> · 2018-01-20

From: Linus Torvalds <torvalds@linux-foundation.org>
Date: 2018-02-06 22:52:59
Also in: lkml

On Tue, Feb 6, 2018 at 1:37 PM, Dan Williams [off-list ref] wrote:

At that point we're basically just back to the array_ptr() version
that returned a sanitized pointer to an array element.

.. that one does an extra unnecessary 'andq' instead of the duplicated
cmp.  But at least it avoids comparing that 32-bit integer twice, so
it's probably slightly smaller.

(And your code generation is without the "r" -> "ir" fix for the size argument)

Probably doesn't matter. But a "asm goto" would give you at least
potentially optimal code.

            Linus

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help