From: Ingo Molnar <mingo@kernel.org>
To: Mateusz Guzik <mjguzik@gmail.com>
Cc: mingo@redhat.com, x86@kernel.org, linux-kernel@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Uros Bizjak <ubizjak@gmail.com>, "H. Peter Anvin" <hpa@zytor.com>
Subject: Re: [PATCH] x86: predict __access_ok() returning true
Date: Tue, 1 Apr 2025 23:00:09 +0200 [thread overview]
Message-ID: <Z-xT2Td5_8XbSO1t@gmail.com> (raw)
In-Reply-To: <CAGudoHESK=sPyYLjqubjfAy-Un18EML8HX45EgfL+UhiqU8bHA@mail.gmail.com>
* Mateusz Guzik <mjguzik@gmail.com> wrote:
> On Tue, Apr 1, 2025 at 10:43 PM Ingo Molnar <mingo@kernel.org> wrote:
> >
> >
> > * Ingo Molnar <mingo@kernel.org> wrote:
> >
> > > It's also the right place to have the hint: that user addresses are
> > > valid is the common case we optimize for.
> > >
> > > Thanks,
> > >
> > > Ingo
> > >
> > > arch/x86/include/asm/uaccess_64.h | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/arch/x86/include/asm/uaccess_64.h b/arch/x86/include/asm/uaccess_64.h
> > > index c52f0133425b..4c13883371aa 100644
> > > --- a/arch/x86/include/asm/uaccess_64.h
> > > +++ b/arch/x86/include/asm/uaccess_64.h
> > > @@ -54,7 +54,7 @@ static inline unsigned long __untagged_addr_remote(struct mm_struct *mm,
> > > #endif
> > >
> > > #define valid_user_address(x) \
> > > - ((__force unsigned long)(x) <= runtime_const_ptr(USER_PTR_MAX))
> > > + likely((__force unsigned long)(x) <= runtime_const_ptr(USER_PTR_MAX))
> >
> > Should we go this way, this is the safe macro variant:
> >
> > #define valid_user_address(x) \
> > (likely((__force unsigned long)(x) <= runtime_const_ptr(USER_PTR_MAX)))
> >
>
> Note the are 2 tests and the other one does not get covered by *this* likely:
> valid_user_address(sum) && sum >= (__force unsigned long)ptr;
>
> as in sum >= ptr is left be.
>
> However, I confirmed that with your patch the issue also goes away so
> I guess it is fine.
>
> I think it would be the safest to likely within valid_user_address()
> like in your patch, and likely on the entire expression like in mine.
>
> That said, there will be no hard feelz if you just commit your patch
> and drop mine.
Feel free to turn it into a Co-developed-by patch:
From: Mateusz Guzik <mjguzik@gmail.com>
...
Co-developed-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Mateusz Guzik <mjguzik@gmail.com>
Because all I did was to transform your fix into something a bit more
maintainable. I didn't even test it.
Thanks,
Ingo
next prev parent reply other threads:[~2025-04-01 21:00 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-01 20:30 [PATCH] x86: predict __access_ok() returning true Mateusz Guzik
2025-04-01 20:35 ` Ingo Molnar
2025-04-01 20:43 ` Ingo Molnar
2025-04-01 20:49 ` Mateusz Guzik
2025-04-01 21:00 ` Ingo Molnar [this message]
2025-04-01 21:11 ` Mateusz Guzik
2025-04-02 7:15 ` Uros Bizjak
2025-04-09 21:32 ` [tip: x86/asm] x86/uaccess: Predict valid_user_address() " tip-bot2 for Mateusz Guzik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z-xT2Td5_8XbSO1t@gmail.com \
--to=mingo@kernel.org \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=mjguzik@gmail.com \
--cc=peterz@infradead.org \
--cc=torvalds@linux-foundation.org \
--cc=ubizjak@gmail.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox