From: Ingo Molnar <mingo@kernel.org>
To: Mateusz Guzik <mjguzik@gmail.com>
Cc: mingo@redhat.com, x86@kernel.org, linux-kernel@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Uros Bizjak <ubizjak@gmail.com>, "H. Peter Anvin" <hpa@zytor.com>
Subject: Re: [PATCH] x86: predict __access_ok() returning true
Date: Tue, 1 Apr 2025 23:00:09 +0200 [thread overview]
Message-ID: <Z-xT2Td5_8XbSO1t@gmail.com> (raw)
In-Reply-To: <CAGudoHESK=sPyYLjqubjfAy-Un18EML8HX45EgfL+UhiqU8bHA@mail.gmail.com>
* Mateusz Guzik <mjguzik@gmail.com> wrote:
> On Tue, Apr 1, 2025 at 10:43 PM Ingo Molnar <mingo@kernel.org> wrote:
> >
> >
> > * Ingo Molnar <mingo@kernel.org> wrote:
> >
> > > It's also the right place to have the hint: that user addresses are
> > > valid is the common case we optimize for.
> > >
> > > Thanks,
> > >
> > > Ingo
> > >
> > > arch/x86/include/asm/uaccess_64.h | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/arch/x86/include/asm/uaccess_64.h b/arch/x86/include/asm/uaccess_64.h
> > > index c52f0133425b..4c13883371aa 100644
> > > --- a/arch/x86/include/asm/uaccess_64.h
> > > +++ b/arch/x86/include/asm/uaccess_64.h
> > > @@ -54,7 +54,7 @@ static inline unsigned long __untagged_addr_remote(struct mm_struct *mm,
> > > #endif
> > >
> > > #define valid_user_address(x) \
> > > - ((__force unsigned long)(x) <= runtime_const_ptr(USER_PTR_MAX))
> > > + likely((__force unsigned long)(x) <= runtime_const_ptr(USER_PTR_MAX))
> >
> > Should we go this way, this is the safe macro variant:
> >
> > #define valid_user_address(x) \
> > (likely((__force unsigned long)(x) <= runtime_const_ptr(USER_PTR_MAX)))
> >
>
> Note the are 2 tests and the other one does not get covered by *this* likely:
> valid_user_address(sum) && sum >= (__force unsigned long)ptr;
>
> as in sum >= ptr is left be.
>
> However, I confirmed that with your patch the issue also goes away so
> I guess it is fine.
>
> I think it would be the safest to likely within valid_user_address()
> like in your patch, and likely on the entire expression like in mine.
>
> That said, there will be no hard feelz if you just commit your patch
> and drop mine.
Feel free to turn it into a Co-developed-by patch:
From: Mateusz Guzik <mjguzik@gmail.com>
...
Co-developed-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Mateusz Guzik <mjguzik@gmail.com>
Because all I did was to transform your fix into something a bit more
maintainable. I didn't even test it.
Thanks,
Ingo
next prev parent reply other threads:[~2025-04-01 21:00 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-01 20:30 [PATCH] x86: predict __access_ok() returning true Mateusz Guzik
2025-04-01 20:35 ` Ingo Molnar
2025-04-01 20:43 ` Ingo Molnar
2025-04-01 20:49 ` Mateusz Guzik
2025-04-01 21:00 ` Ingo Molnar [this message]
2025-04-01 21:11 ` Mateusz Guzik
2025-04-02 7:15 ` Uros Bizjak
2025-04-09 21:32 ` [tip: x86/asm] x86/uaccess: Predict valid_user_address() " tip-bot2 for Mateusz Guzik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z-xT2Td5_8XbSO1t@gmail.com \
--to=mingo@kernel.org \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=mjguzik@gmail.com \
--cc=peterz@infradead.org \
--cc=torvalds@linux-foundation.org \
--cc=ubizjak@gmail.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.