On Mon, Sep 14, 2020 at 10:56 AM Borislav Petkov <b...@alien8.de> wrote:
>
> On Thu, Sep 10, 2020 at 12:22:53PM -0500, Josh Poimboeuf wrote:
> > +/* > > + * Sanitize a user pointer such that it becomes NULL if it's not a valid > > user > > + * pointer. This prevents speculative dereferences of user-controlled > > pointers > > + * to kernel space when access_ok() speculatively returns true. This > > should be > > + * done *after* access_ok(), to avoid affecting error handling behavior.
>
> Err, stupid question: can this macro then be folded into access_ok() so
> that you don't have to touch so many places and the check can happen
> automatically?
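Review bot: the last sentence of the quoted comment, "This should be done *after* access_ok(), to avoid affecting error handling behavior", leaves the ordering rule to every call site and does not say what a caller sees if the order is reversed. Suggest one more sentence in the comment naming that consequence, and stating that the result of access_ok() must still be checked before the sanitized pointer is used, so the rule can be verified at each call site during review.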
I think that ends up with more changes because it changes the flow of access_ok() from returning a boolean to returning a modified user address that can be used in the speculative path.
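The ordering rule in the quoted comment, as an added example that is not code from the patch or from the kernel: a userspace C model in which a boolean range check and a separate masking step are applied in both orders. `MODEL_USER_LIMIT`, the `model_*` helpers and the sample addresses are assumptions made up for this illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed user/kernel boundary for this model only (not taken from the patch). */
#define MODEL_USER_LIMIT 0x00007ffffffff000ULL

/* Boolean range check: the return shape access_ok() has per the thread. */
static bool model_access_ok(uint64_t addr, uint64_t size)
{
    return size <= MODEL_USER_LIMIT && addr <= MODEL_USER_LIMIT - size;
}

/* Data-dependent mask: all ones below the limit, zero otherwise, so an
 * out-of-range address becomes 0 (NULL) regardless of any earlier branch.
 * C does not guarantee branch-free code here; this models the data flow only. */
static uint64_t model_sanitize(uint64_t addr)
{
    uint64_t mask = (uint64_t)0 - (uint64_t)(addr < MODEL_USER_LIMIT);
    return addr & mask;
}

/* Order the quoted comment asks for: check first, then sanitize. */
static int check_then_sanitize(uint64_t addr, uint64_t size, uint64_t *out)
{
    if (!model_access_ok(addr, size))
        return -EFAULT;
    *out = model_sanitize(addr);
    return 0;
}

/* Reversed order: the bad address is already 0 when it is checked, and 0
 * passes the range check in this model, so the -EFAULT path is lost. */
static int sanitize_then_check(uint64_t addr, uint64_t size, uint64_t *out)
{
    addr = model_sanitize(addr);
    if (!model_access_ok(addr, size))
        return -EFAULT;
    *out = addr;
    return 0;
}

int main(void)
{
    uint64_t out = 1, bad = 0xffff888000000000ULL; /* constructed kernel-range value */
    printf("check first:    %d\n", check_then_sanitize(bad, 8, &out));
    printf("sanitize first: %d out=%llu\n", sanitize_then_check(bad, 8, &out),
           (unsigned long long)out);
    return 0;
}
```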