diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2023-05-03 10:13:41 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2023-05-03 10:37:22 -0700 |
commit | 798dec3304f69b97cdf78f485473fb5653fc22d1 (patch) | |
tree | 28e46b4fe13db85eb857e510f945275415c12109 /arch/x86/mm/extable.c | |
parent | 1dbc0a9515fdf1f0b9d6c9b1954a347c94e5f5f9 (diff) | |
download | linux-x86-uaccess-cleanup.tar.gz linux-x86-uaccess-cleanup.tar.bz2 linux-x86-uaccess-cleanup.zip |
x86-64: mm: clarify the 'positive addresses' user address rulesx86-uaccess-cleanup
Dave Hansen found the "(long) addr >= 0" code in the x86-64 access_ok
checks somewhat confusing, and suggested using a helper to clarify what
the code is doing.
So this does exactly that: clarifying what the sign bit check is all
about, by adding a helper macro that makes it clear what it is testing.
This also adds some explicit comments talking about how even with LAM
enabled, any addresses with the sign bit will still GP-fault in the
non-canonical region just above the sign bit.
This is all what allows us to do the user address checks with just the
sign bit, and furthermore be a bit cavalier about accesses that might be
done with an additional offset even past that point.
(And yes, this talks about 'positive' even though zero is also a valid
user address and so technically we should call them 'non-negative'. But
I don't think using 'non-negative' ends up being more understandable).
Suggested-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'arch/x86/mm/extable.c')
-rw-r--r-- | arch/x86/mm/extable.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/arch/x86/mm/extable.c b/arch/x86/mm/extable.c index 8d38dedadbb1..271dcb2deabc 100644 --- a/arch/x86/mm/extable.c +++ b/arch/x86/mm/extable.c @@ -143,12 +143,12 @@ static bool gp_fault_address_ok(unsigned long fault_address) { #ifdef CONFIG_X86_64 /* Is it in the "user space" part of the non-canonical space? */ - if ((long) fault_address >= 0) + if (valid_user_address(fault_address)) return true; /* .. or just above it? */ fault_address -= PAGE_SIZE; - if ((long) fault_address >= 0) + if (valid_user_address(fault_address)) return true; #endif return false; |