From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752306AbcFUI36 (ORCPT <rfc822;w@1wt.eu>);
	Tue, 21 Jun 2016 04:29:58 -0400
Received: from mail-lb0-f193.google.com ([209.85.217.193]:35162 "EHLO
	mail-lb0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752140AbcFUI3t (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Tue, 21 Jun 2016 04:29:49 -0400
Date: Tue, 21 Jun 2016 10:18:18 +0200
From: Ingo Molnar <mingo@kernel.org>
To: Thomas Garnier <thgarnie@google.com>
Cc: Kees Cook <keescook@chromium.org>, Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
        x86@kernel.org, Borislav Petkov <bp@suse.de>,
        Juergen Gross <jgross@suse.com>,
        Matt Fleming <matt@codeblueprint.co.uk>,
        Toshi Kani <toshi.kani@hpe.com>, Baoquan He <bhe@redhat.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        Dan Williams <dan.j.williams@intel.com>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>,
        "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
        Martin Schwidefsky <schwidefsky@de.ibm.com>,
        Andy Lutomirski <luto@kernel.org>,
        Alexander Kuleshov <kuleshovmail@gmail.com>,
        Alexander Popov <alpopov@ptsecurity.com>,
        Joerg Roedel <jroedel@suse.de>, Dave Young <dyoung@redhat.com>,
        Lv Zheng <lv.zheng@intel.com>, Mark Salter <msalter@redhat.com>,
        Stephen Smalley <sds@tycho.nsa.gov>,
        Dmitry Vyukov <dvyukov@google.com>,
        Boris Ostrovsky <boris.ostrovsky@oracle.com>,
        David Rientjes <rientjes@google.com>,
        Christian Borntraeger <borntraeger@de.ibm.com>,
        Jan Beulich <JBeulich@suse.com>,
        Kefeng Wang <wangkefeng.wang@huawei.com>,
        Seth Jennings <sjennings@variantweb.net>,
        Yinghai Lu <yinghai@kernel.org>, LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v6 1/3] x86/mm: PUD VA support for physical mapping
 (x86_64)
Message-ID: <20160621081818.GA10442@gmail.com>
References: <1464217055-17654-1-git-send-email-keescook@chromium.org>
 <1464217055-17654-2-git-send-email-keescook@chromium.org>
 <20160617090213.GC4791@gmail.com>
 <CAJcbSZGFjcniVwmtcVFCYAPxzGwv2oSbH1c86goKPjZeLH9tqQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAJcbSZGFjcniVwmtcVFCYAPxzGwv2oSbH1c86goKPjZeLH9tqQ@mail.gmail.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


* Thomas Garnier <thgarnie@google.com> wrote:

> > Secondly, and that's a new problem introduced by this patch:
> >
> >> +     int i = pud_index((unsigned long)__va(addr));
> >> +             pud_t *pud = pud_page + pud_index((unsigned long)__va(addr));
> >
> > ... beyond the repetition, using type casts is fragile. Type casts should be a red
> > flag to anyone involved in low level, security relevant code! So I'm pretty
> > unhappy about seeing such a problem in such a patch.
> >
> > This code should be doing something like:
> >
> >         unsigned long vaddr_start = __va(paddr_start);
> >
> > ... which gets rid of the type cast, the repetition and documents the code much
> > better as well.
> 
> Unfortunately, we can't do that because __va return a void*. We will
> get this warning on compile:
> 
> arch/x86/mm/init_64.c:537:8: warning: assignment makes integer from
> pointer without a cast [enabled by default]
>   vaddr = __va(paddr_start);
> 
> If we used void*, we would need to type cast even more places. What do
> you think?

Hm, indeed, you are right - so I guess the type cast is OK.

Thanks,

	Ingo