From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <viro@ftp.linux.org.uk>
X-Google-Smtp-Source: ACJfBouXTEi7rXllSU21QBf4N2GFALNRqeAn5ebG66UvhtsR/XjxSfhNtPK9lYJOShcfSQAseKj0
ARC-Seal: i=1; a=rsa-sha256; t=1516219543; cv=none;
        d=google.com; s=arc-20160816;
        b=xY6nLUZCIZIG0AFnejZgAxmbST7EcG2HMO9+z9S1vdzHVTS3obV7mq8lczkSMXkzgf
         S+azTvOmWQI/aCXN2zpxPNeirnhQaz20pm5FI1lZ9UVBwv9UqhrS+XwrmAqAAtK7PC0o
         NQiN0IdQlwXvMK0aZHUZz8F8KFWplcVvhfdspbnKo+ToVcCbkHHW0kHAAl36ss1yAERF
         fNiZns/yv3oP1sUDTbfN/ggZaVFoxEQ2rjJSsH3Zhf/vld2lYxjDS8VYnwGgI/q63p+7
         SqKt73AQOAv6dokIhugkD0A/5PBsJOAwZmyvaSvdGipJiviXpQmPvGwfu/vO3ozyDq9R
         PYCw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=sender:user-agent:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date
         :arc-authentication-results;
        bh=A2CeSfHamiC5zDYLZZy+VFk++lyHszKYe+ZoRjlws7s=;
        b=raa/nSA+aUvZWRXs/rtT5NM6DBjix6JShIEKVgcHWanG41LUAIsthI5ZX45sUN8iLF
         fQq2AakdK/1SfmNoEokdH+CNkgsBiQZnbrdZ0K57S87/ZKUiYf4PsUTaQYvS//MzQTcX
         AMFkMO71+YCLsR56jEHVEqXeM72hJDLM5Ee2gwz37dwO08oB5UDSEuvVDyRHNjJVr60V
         NqH5CIKUwLLiX/msXV7S42eyLM0KC0kHmrszWffDukNOQe9uPjIZtArwcIGxvU69hQCU
         K/XL8et8qDXHHfqVmKEDGwu8YPAtoc1clPom4SbKrJoofagbkbEpfL/I98tFAQwgRXMf
         725Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of viro@ftp.linux.org.uk designates 195.92.253.2 as permitted sender) smtp.mailfrom=viro@ftp.linux.org.uk
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of viro@ftp.linux.org.uk designates 195.92.253.2 as permitted sender) smtp.mailfrom=viro@ftp.linux.org.uk
Date: Wed, 17 Jan 2018 20:05:32 +0000
From: Al Viro <viro@ZenIV.linux.org.uk>
To: Dan Williams <dan.j.williams@intel.com>
Cc: Alan Cox <alan@linux.intel.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	linux-arch@vger.kernel.org, Andi Kleen <ak@linux.intel.com>,
	Kees Cook <keescook@chromium.org>,
	kernel-hardening@lists.openwall.com,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	the arch/x86 maintainers <x86@kernel.org>,
	Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [PATCH v3 8/9] x86: use __uaccess_begin_nospec and ASM_IFENCE in
 get_user paths
Message-ID: <20180117200532.GX13338@ZenIV.linux.org.uk>
References: <151586744180.5820.13215059696964205856.stgit@dwillia2-desk3.amr.corp.intel.com>
 <151586748981.5820.14559543798744763404.stgit@dwillia2-desk3.amr.corp.intel.com>
 <CA+55aFzoAR+MYX+ub0xZ32OsT7WtD5Kru2t6LhwB1buLWPResQ@mail.gmail.com>
 <CA+55aFxsg5+u7bCHj1N8xyyVf7-RMm-5ACNp=ENNrKL78omaow@mail.gmail.com>
 <CAPcyv4hfUx8gLScuNewY3+BWi4YBS_Z9dhvYf1D+WEWDDCShXA@mail.gmail.com>
 <CA+55aFxAFG5czVmCyhYMyHmXLNJ7pcXxWzusjZvLRh_qTGHj6Q@mail.gmail.com>
 <CA+55aFxB01XEEpdPynwYmzQMfTJdJnUrN+ZLqSV_UdnKLBgAZw@mail.gmail.com>
 <1516198646.4184.13.camel@linux.intel.com>
 <20180117185232.GW13338@ZenIV.linux.org.uk>
 <CAPcyv4iYVcCZxdd5wHDf2av8F=E1F7UGTX9uVzX68KkrJ1ZuQQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAPcyv4iYVcCZxdd5wHDf2av8F=E1F7UGTX9uVzX68KkrJ1ZuQQ@mail.gmail.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
Sender: Al Viro <viro@ftp.linux.org.uk>
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: =?utf-8?q?1589502788463144818?=
X-GMAIL-MSGID: =?utf-8?q?1589871421992421482?=
X-Mailing-List: linux-kernel@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>

On Wed, Jan 17, 2018 at 11:54:12AM -0800, Dan Williams wrote:
> On Wed, Jan 17, 2018 at 10:52 AM, Al Viro <viro@zeniv.linux.org.uk> wrote:
> > On Wed, Jan 17, 2018 at 02:17:26PM +0000, Alan Cox wrote:
> [..]
> >         Incidentally, what about copy_to_iter() and friends?  They
> > check iov_iter flavour and go either into the "copy to kernel buffer"
> > or "copy to userland" paths.  Do we need to deal with mispredictions
> > there?  We are calling a bunch of those on read()...
> >
> 
> Those should be protected by the conversion of __uaccess_begin to
> __uaccess_begin_nospec that includes the lfence.

Huh?  What the hell does it do to speculative execution of "memcpy those
suckers" branch?