From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 9D4A2C32793
	for <linux-mm@archiver.kernel.org>; Wed, 18 Jan 2023 16:49:24 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 108EA6B0072; Wed, 18 Jan 2023 11:49:24 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 0B9AF6B0075; Wed, 18 Jan 2023 11:49:24 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id EC2BA6B0078; Wed, 18 Jan 2023 11:49:23 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12])
	by kanga.kvack.org (Postfix) with ESMTP id DD2716B0072
	for <linux-mm@kvack.org>; Wed, 18 Jan 2023 11:49:23 -0500 (EST)
Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay04.hostedemail.com (Postfix) with ESMTP id 78B481A0998
	for <linux-mm@kvack.org>; Wed, 18 Jan 2023 16:49:23 +0000 (UTC)
X-FDA: 80368505406.28.7C368C7
Received: from desiato.infradead.org (desiato.infradead.org [90.155.92.199])
	by imf22.hostedemail.com (Postfix) with ESMTP id B673CC0010
	for <linux-mm@kvack.org>; Wed, 18 Jan 2023 16:49:19 +0000 (UTC)
Authentication-Results: imf22.hostedemail.com;
	dkim=pass header.d=infradead.org header.s=desiato.20200630 header.b=BZ1vl+eV;
	spf=none (imf22.hostedemail.com: domain of peterz@infradead.org has no SPF policy when checking 90.155.92.199) smtp.mailfrom=peterz@infradead.org;
	dmarc=none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1674060561;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=NoQkT4bAeFUtKhReQlXOayJmOIx8fi/SsB/fWlbrzXQ=;
	b=KbXUhfx+kTGjEoGClziIzO9aQ0si1pc1Twh5+ilGfmh02OIGwiLRHipGxwD0rtHkLVHDNh
	ffWl1FEOZVLjLlINsH+LIZUkbWR3wq0q9u9ORu9BfNWk1ZcHTudOqwKMV0Z3BtMmE/FeCL
	uAcAZeVGKTwxA1JXHCoZGywX6+qQHSE=
ARC-Authentication-Results: i=1;
	imf22.hostedemail.com;
	dkim=pass header.d=infradead.org header.s=desiato.20200630 header.b=BZ1vl+eV;
	spf=none (imf22.hostedemail.com: domain of peterz@infradead.org has no SPF policy when checking 90.155.92.199) smtp.mailfrom=peterz@infradead.org;
	dmarc=none
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1674060561; a=rsa-sha256;
	cv=none;
	b=UOSq8RrhRXvRrj41I+eXo6s/SFI8/dvHI2peP4VJD58I6q5M4kPDvNznJTNFcQwN+LEhLf
	cfIjbGaBx17C2h7AnzATgclPhBye8BUxxuMMGLSdcWePkXm80OnTQoeCLNJieWMAT8IgY6
	/12AvFITMuWOuhADH4inE3vdeRjDO0o=
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=infradead.org; s=desiato.20200630; h=In-Reply-To:Content-Type:MIME-Version:
	References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To:
	Content-Transfer-Encoding:Content-ID:Content-Description;
	bh=NoQkT4bAeFUtKhReQlXOayJmOIx8fi/SsB/fWlbrzXQ=; b=BZ1vl+eV0aBW85PIlSsd4uGqBn
	zc9sXI+JywLhi61h/6zxZmH5YXB+YjyJLjy3kJTCpZNv532AZv6O2seW9haxn5H3yUNdUB2sIi6xG
	wq8Eagx4eb7hsFFspIYUDGUr4WFEKICOhoh0mT2z053/9tXaMK+loxX5CKFrp/yu4PUP0OIAWccdZ
	RMYK9XXU7qBH4U17RS7XBBcFTPHqwkXxyAyTZeU6qOELe6Kc+dMD4k8qpgKqfVDgyHwQfXdIUmHcu
	rwhKR24bbsLqb2sUksVytStpMylNzI82SIls6q2BU/8Fk6Z3v0VwMDvEj+ncmvC8Oaal+hHaPbUAb
	1MMovObA==;
Received: from j130084.upc-j.chello.nl ([24.132.130.84] helo=noisy.programming.kicks-ass.net)
	by desiato.infradead.org with esmtpsa (Exim 4.96 #2 (Red Hat Linux))
	id 1pIBc3-0002uG-0r;
	Wed, 18 Jan 2023 16:48:35 +0000
Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id AE30230030F;
	Wed, 18 Jan 2023 17:48:59 +0100 (CET)
Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000)
	id 8E7B720A68C2A; Wed, 18 Jan 2023 17:48:59 +0100 (CET)
Date: Wed, 18 Jan 2023 17:48:59 +0100
From: Peter Zijlstra <peterz@infradead.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Andy Lutomirski <luto@kernel.org>, x86@kernel.org,
	Kostya Serebryany <kcc@google.com>,
	Andrey Ryabinin <ryabinin.a.a@gmail.com>,
	Andrey Konovalov <andreyknvl@gmail.com>,
	Alexander Potapenko <glider@google.com>,
	Taras Madan <tarasmadan@google.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	"H . J . Lu" <hjl.tools@gmail.com>, Andi Kleen <ak@linux.intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Bharata B Rao <bharata@amd.com>,
	Jacob Pan <jacob.jun.pan@linux.intel.com>,
	Ashok Raj <ashok.raj@intel.com>, linux-mm@kvack.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCHv14 01/17] x86/mm: Rework address range check in
 get_user() and put_user()
Message-ID: <Y8gi+/Y0qcjtRf6m@hirez.programming.kicks-ass.net>
References: <20230111123736.20025-1-kirill.shutemov@linux.intel.com>
 <20230111123736.20025-2-kirill.shutemov@linux.intel.com>
 <Y8gVJUDEFE5U7xAq@hirez.programming.kicks-ass.net>
 <CAHk-=wj4PDt_73n5rG9obkXrRQFcxN8vUhG6T9DipxozybH9_w@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAHk-=wj4PDt_73n5rG9obkXrRQFcxN8vUhG6T9DipxozybH9_w@mail.gmail.com>
X-Rspamd-Server: rspam07
X-Rspamd-Queue-Id: B673CC0010
X-Rspam-User: 
X-Stat-Signature: b4oxdgs63jjn8yqbacrzxsxhfmmjox6k
X-HE-Tag: 1674060559-677986
X-HE-Meta: U2FsdGVkX19cFujvhNzNfdcjYniPJkauDCnf0exowkD86hwolZnsbQWG/nV3CX5zPoFuTueM0UEArzTUDcB9iKoZU3A+TvHUrlWgAL5ROG/UDtjm/Tf1/+/mQDH8+1OHx0AvaFV7hgAwRjPL576HhcBYqxhLlcmJdofdaepzZEY+lSZxx8UBcWDCY6aet8gYSG2hK+TLhnTcWy3abUWmvGslJQkJ1LhhiRegSkBWEcCyOIuwk+TWRCAUzCOhG4BQiLMqGsW1l8c4NXWCowbVF9yI7TiacMuGgC8F3YGxfOVtZXxySepOyQJq7dBiSsS4ZQ/k1bcOo/hPBY/mh82v3lQMMAJv2laKSTEmeF2KBSbFrbbgzL7YkftkcCutUtNxP/0OQcdAjaSLtIQys2jhfoo/BoixJLMCBrh5V/twn5OVJEtlUWHoOrpOLcvOYlMaBtafD3L6EWj5+Xmis9lsHFJCcr3+1ZJgF9ZdmaIrEdOajk1OqcdyA3z+vS2xYEaaKzK32Yyn5GjJWmx3hfYV+3Fp9m2NQ1LOjHF4IKHpsjcMLaYuB2z+bzXOhi97Pz9MmjjIyqQOeyJ+hFlmy1j+zl33DXb/7gOOaUnFizMMj0wNDYoTWqF5BH/3TjAxe/Ppkx2B7OZ6WGgXqmkhKQwfkxIbL7W2thccB9KRo48rURzBFnMepFQtrdfHHXYAhhfAKlYMmyPYdOnszCi+lLFRIJFKkNqKSYX2xHvNlw39GTE1SVUXKLA8NIXs3x0IlgHgcXMVsaB13Wpf10hxhJYLRijO+zjNzctYEjdDH7sfE8SKwiDbh7rSoEZ8n6BsBd0HU5Godzwqrw2DhjihlJX3fK2hwK2OOe1E9KYXYb2XfuzCrUHGaL3Fm6smTeJ6egWXcf6rfKXxFTsh3CCylH187ErYfJGN6SjkzaObXhkYlzX5SkshLBW/1Fjzy7WpIER3+5qi68coYNF+4lZ711s
 bIjXttF9
 c7SDy
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Wed, Jan 18, 2023 at 07:59:21AM -0800, Linus Torvalds wrote:

> We don't silence it - for a kernel address that turns into an all-ones
> address, the the _ASM_EXTABLE() will still cause the -EFAULT due to
> the page fault.

> But it's not the high bit set case that is the problem here.

Yes, and the explicit bad_get_user jump would not print the message and
now with _UA removed it won't either (I seem to have my wires crossed
just now).

> The problem is a "positive" address that is non-canonical.
> 
> Testing against TASK_SIZE_MAX would catch non-canonical addresses
> before the access, and we'd return -EFAULT.
> 
> But now that we don't test against TASK_SIZE_MAX any more,
> non-canonical accesses will cause a GP fault, and *that* message is
> what we want to silence.

Right, but I was thinking that we'd explicitly allowed those because
with LAM enabled we'd actually accept those addresses.

> We'll still return -EFAULT, of course, we're just getting rid of the
> 
>         WARN_ONCE(trapnr == X86_TRAP_GP,
>                 "General protection fault in user access.
> Non-canonical address?");
> 
> issue that comes from not being so exact about the address limit any more.

Ah indeed, so for !LAM we'd now print the message were we would not
before (the whole TASK_SIZE_MAX+ range).

OK, agreed.