summaryrefslogtreecommitdiffstats
path: root/security/tomoyo/memory.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2024-09-22 20:19:35 +0200
committerLinus Torvalds <torvalds@linux-foundation.org>2024-09-22 20:19:35 +0200
commitde5cb0dcb74c294ec527eddfe5094acfdb21ff21 (patch)
treef669adb523b265f9b979c136df8a8334ea74ec62 /security/tomoyo/memory.c
parentMerge tag 'trace-ring-buffer-v6.12' of git://git.kernel.org/pub/scm/linux/ker... (diff)
parentx86: make the masked_user_access_begin() macro use its argument only once (diff)
downloadlinux-de5cb0dcb74c294ec527eddfe5094acfdb21ff21.tar.xz
linux-de5cb0dcb74c294ec527eddfe5094acfdb21ff21.zip
Merge branch 'address-masking'
Merge user access fast validation using address masking. This allows architectures to optionally use a data dependent address masking model instead of a conditional branch for validating user accesses. That avoids the Spectre-v1 speculation barriers. Right now only x86-64 takes advantage of this, and not all architectures will be able to do it. It requires a guard region between the user and kernel address spaces (so that you can't overflow from one to the other), and an easy way to generate a guaranteed-to-fault address for invalid user pointers. Also note that this currently assumes that there is no difference between user read and write accesses. If extended to architectures like powerpc, we'll also need to separate out the user read-vs-write cases. * address-masking: x86: make the masked_user_access_begin() macro use its argument only once x86: do the user address masking outside the user access area x86: support user address masking instead of non-speculative conditional
Diffstat (limited to 'security/tomoyo/memory.c')
0 files changed, 0 insertions, 0 deletions