From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> Date: Fri, 22 Feb 2019 13:20:58 -0800 > On Fri, Feb 22, 2019 at 11:27 AM Alexei Starovoitov > <alexei.starovoitov@xxxxxxxxx> wrote: >> >> On bpf side the bpf_probe_read() helper just calls probe_kernel_read() >> and users pass both user and kernel addresses into it and expect >> that the helper will actually try to read from that address. > > As mentioned earlier in the thread, that's actually fundamentally broken. > > There are architectures that have physically separate address spaces, > with the same pointer value in both kernel and user space. > > They are rare, but they exist. At least sparc32 and the old 4G:4G split x86. And sparc64. > So a pointer really should always unambiguously always be explicitly > _either_ a kernel pointer, or a user pointer. You can't have "this is > a pointer", and then try to figure it out by looking at the value. > That may happen to work on x86-64, but it's literally a "happen to > work on the most common architectures", not a design thing. Don't be surprised if we see more separation like this in the future too. So it's not a smart thing to code against even if you can discount all of the examples Linus gives above.
