On Tue, Jun 02, 2020 at 06:15:57PM +0800, Jason Wang wrote: > > On 2020/6/2 下午4:45, Michael S. Tsirkin wrote: > > So vhost needs to poke at userspace *a lot* in a quick succession. It > > is thus benefitial to enable userspace access, do our thing, then > > disable. Except access_ok has already been pre-validated with all the > > relevant nospec checks, so we don't need that. Add an API to allow > > userspace access after access_ok and barrier_nospec are done. > > > > Signed-off-by: Michael S. Tsirkin <m...@redhat.com> > > --- > > > > Jason, so I've been thinking using something along these lines, > > then switching vhost to use unsafe_copy_to_user and friends would > > solve lots of problems you observed with SMAP. > > > > What do you think? > > > I'm fine with this approach.
I am not. > > Do we need any other APIs to make it practical? > > > It's not clear whether we need a new API, I think __uaccess_being() has the > assumption that the address has been validated by access_ok(). __uaccess_begin() is a stopgap, not a public API. The problem is real, but "let's add a public API that would do user_access_begin() with access_ok() already done" is no-go.
