On Sat, Aug 20, 2016 at 04:32:57PM -0700, Linus Torvalds wrote:

> Anyway, the asm coming out of gcc looks nasty, because it has all the
> ugly section stuff and fixups for SMAP not existing on some CPU's
> etc. So the resulting fs/readdir.s file is hard to read. But if you
> look at the disassembly at the object file that hides all that (and
> shows what the end result actually is), the actual filldir user
> accesses end up looking beautiful, with no extra code anywhere. An
> exception just goes to the EFAULT handling directly.
>
> Sadly, unsafe_get_user() looking as good does require gcc improvements
> that aren't imminent.
>
> This patch is untested, although the earlier original pre-rebased
> version of it actually got a fair amount of testing on my machine
> (including the filldir use)

Interesting... BTW, how's this in the "really vile tricks" department?

	if (!uaccess_begin())
		goto fail;
	unsafe_...
	...
	uaccess_end();

with uaccess_begin() along the lines of

	p = &current_thread_info()->foo;
	asm
	.text:
		STAC
		*p = 1f
		res = true;
	2:;
	.fixups:
	1:	res = false;
		CLAC
		jmp 2;
	if (unlikely(res))
		asm clobber everything
	res;

and exception handlers in unsafe_... jumping to the address found in
current_thread_info()->foo. AFAICS, it should avoid the problems with
asm goto, right? The branch target is tied to the entry into the damn
series, so it's not as if it could disappear; and path to a branch cc(1)
doesn't see passes through the chunk produced by that asm block in
uaccess_begin(), so if it looks unreachable without taking those branches
into account, it _is_ unreachable.