From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from mail.linutronix.de (193.142.43.55:993)
	by crypto-ml.lab.linutronix.de with IMAP4-SSL
	for ; 19 Nov 2019 18:21:30 -0000
Received: from us-smtp-delivery-1.mimecast.com ([205.139.110.120] helo=us-smtp-1.mimecast.com)
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from )
	id 1iX880-0000SY-VJ
	for speck@linutronix.de; Tue, 19 Nov 2019 19:21:29 +0100
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 042F510B9EC9
	for ; Tue, 19 Nov 2019 18:21:23 +0000 (UTC)
Received: from treble (ovpn-124-31.rdu2.redhat.com [10.10.124.31])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 83B7D610B0
	for ; Tue, 19 Nov 2019 18:21:22 +0000 (UTC)
Date: Tue, 19 Nov 2019 12:21:20 -0600
From: Josh Poimboeuf
Subject: [MODERATED] Re: LVI
Message-ID: <20191119182120.w4pjlvkjncqmv7ln@treble>
References: <20191119174008.7dbymix2eo4mrv57@treble> <20191119181257.GA2283647@kroah.com>
MIME-Version: 1.0
In-Reply-To: <20191119181257.GA2283647@kroah.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID:

On Tue, Nov 19, 2019 at 07:12:57PM +0100, speck for Greg KH wrote:
> > --- a/arch/x86/include/asm/uaccess.h
> > +++ b/arch/x86/include/asm/uaccess.h
> > @@ -119,9 +119,9 @@ extern int __get_user_bad(void);
> >
> > #define __uaccess_begin() stac()
> > #define __uaccess_end() clac()
> > -#define __uaccess_begin_nospec() \
> > +#define __uaccess_end_nospec() \
> > ({ \
> > - stac(); \
> > + clac(); \
> > barrier_nospec(); \
> > })
>
> Um, don't we _really_ want stac() here? That's the only thing that is
> saving our butts in a number of places. Why get rid of it? Otherwise
> it should be easy to cause a speculative load by userspace for any
> address they feel like.
>
> Or am I mistaken about what you are trying to solve here?

Notice I renamed it from __uaccess_begin_nospec() to
__uaccess_end_nospec() ;-)

The idea is to move the LFENCE from _before_ the copy to _after_ the
copy. I didn't mess with stac/clac.

-- 
Josh
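
Review bot: In the -119,9 hunk of arch/x86/include/asm/uaccess.h, the new __uaccess_end_nospec() carries no comment saying that barrier_nospec() is now meant to run after the user access instead of before it, and because the macro is edited in place over __uaccess_begin_nospec(), the "- stac(); / + clac();" pair reads as a change to SMAP handling rather than a rename. A short comment above the macro stating the intended ordering would help, and it should say whether the barrier is meant to follow clac() or precede it. The visible lines also delete __uaccess_begin_nospec() without showing its callers being converted, so the full patch needs the matching call-site changes; any remaining user of the old name would fail to build.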