On Fri, 5 Jan 2018 18:52:07 -0800 Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote: > On Fri, Jan 5, 2018 at 5:10 PM, Dan Williams <dan.j.williams@xxxxxxxxx> wrote: > > From: Andi Kleen <ak@xxxxxxxxxxxxxxx> > > > > When access_ok fails we should always stop speculating. > > Add the required barriers to the x86 access_ok macro. > > Honestly, this seems completely bogus. Also for x86-64 if we are trusting that an AND with a constant won't get speculated into something else surely we can just and the address with ~(1 << 63) before copying from/to user space ? The user will then just speculatively steal their own memory. Alan
