On 12/10/2024 3:09 pm, Josh Poimboeuf wrote:
> On Sat, Oct 12, 2024 at 09:48:57AM +0100, Andrew Cooper wrote:
>> On 12/10/2024 5:09 am, Josh Poimboeuf wrote:
>>> For x86-64, the barrier_nospec() in copy_from_user() is overkill and
>>> painfully slow. Instead, use pointer masking to force the user pointer
>>> to a non-kernel value even in speculative paths.
>>>
>>> Signed-off-by: Josh Poimboeuf <jpoim...@kernel.org>
>> You do realise mask_user_address() is unsafe under speculation on AMD
>> systems?
>>
>> Had the mask_user_address() patch been put for review, this feedback
>> would have been given then.
>>
>>
>> AMD needs to arrange for bit 47 (bit 58 with LA57) to be the one
>> saturated by shifting, not bit 63.
> Ok... why?

CVE-2020-12965

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1010.html

~Andrew
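
Added example, not part of the thread and not kernel code: a C sketch of the point about which bit the shift saturates, given that CVE-2020-12965 (the AMD bulletin linked above) concerns transient non-canonical loads and stores that use only the lower 48 address bits. The function names and the sample pointers are constructed for illustration, and the sketch assumes 48-bit virtual addresses (no LA57) and a compiler where right-shifting a negative signed value is an arithmetic shift (gcc, clang).

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers, constructed for this example. */

/* Saturate on bit 63: only pointers with the sign bit set become all-ones. */
static uint64_t mask_on_bit63(uint64_t ptr)
{
    uint64_t mask = (uint64_t)((int64_t)ptr >> 63);
    return ptr | mask;
}

/* Saturate on bit 47: shift bit 47 into the sign position first, so any
 * pointer whose lower 48 bits select the upper half becomes all-ones. */
static uint64_t mask_on_bit47(uint64_t ptr)
{
    uint64_t mask = (uint64_t)((int64_t)(ptr << 16) >> 63);
    return ptr | mask;
}

/* The canonical address that shares the pointer's lower 48 bits, i.e. what
 * an access that ignores bits 48..63 would effectively refer to. */
static uint64_t low48_canonical(uint64_t ptr)
{
    return (uint64_t)((int64_t)(ptr << 16) >> 16);
}

int main(void)
{
    /* Constructed inputs: an ordinary user pointer, a non-canonical pointer
     * (bit 47 set, bits 48..63 clear), and an upper-half pointer. */
    const uint64_t samples[] = {
        0x00007fffffffe000ULL,
        0x0000888000001000ULL,
        0xffff888000001000ULL,
    };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uint64_t p = samples[i];
        printf("ptr %016llx  bit63-mask %016llx  bit47-mask %016llx  low48 %016llx\n",
               (unsigned long long)p,
               (unsigned long long)mask_on_bit63(p),
               (unsigned long long)mask_on_bit47(p),
               (unsigned long long)low48_canonical(p));
    }
    return 0;
}
```

The second sample passes through the bit-63 mask unchanged even though its lower 48 bits match an upper-half address; the bit-47 mask forces it to all-ones.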