On 12/10/2024 5:09 am, Josh Poimboeuf wrote:

For x86-64, the barrier_nospec() in copy_from_user() is overkill and
painfully slow.  Instead, use pointer masking to force the user pointer
to a non-kernel value even in speculative paths.

Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>

You do realise mask_user_address() is unsafe under speculation on AMD
systems?

Had the mask_user_address() patch been put for review, this feedback
would have been given then.


AMD needs to arrange for bit 47 (bit 58 with LA57) to be the one
saturated by shifting, not bit 63.

As it stands, you're reintroducing the very problem barrier_nospec() was
introduced to mitigate.

~Andrew