On Thu, Nov 06 2025 at 12:31, Christophe Leroy wrote:
> The results of "access_ok()" can be mis-speculated. The result is that
> you can end speculatively:
>
> if (access_ok(from, size))
> // Right here
This is actually the wrong patch ordering as the barrier is missing in
the current code. So please add the missing barrier first.
As a bonus the subject of the first patch makes actually sense
then. Right now it does not because there is nothing to avoid :)
Also please use the same prefix for these two patches which touch the
iter code.
> For the same reason as done in copy_from_user() by
> commit 74e19ef0ff80 ("uaccess: Add speculation barrier to
> copy_from_user()"), add a speculation barrier to copy_from_user_iter().
>
> See commit 74e19ef0ff80 ("uaccess: Add speculation barrier to
> copy_from_user()") for more details.
No need to repeat that. Anyone with more than two braincells can look at
that commit, which you mentioned already two lines above already.
Thanks,
tglx
