From: Linus Torvalds torvalds@linux-foundation.org
Date: Fri, 22 Feb 2019 13:20:58 -0800
On Fri, Feb 22, 2019 at 11:27 AM Alexei Starovoitov alexei.starovoitov@gmail.com wrote:
> On bpf side the bpf_probe_read() helper just calls probe_kernel_read() and users pass both user and kernel addresses into it and expect that the helper will actually try to read from that address.
As mentioned earlier in the thread, that's actually fundamentally broken.
There are architectures that have physically separate address spaces, with the same pointer value in both kernel and user space.
They are rare, but they exist. At least sparc32 and the old 4G:4G split x86.
And sparc64.
So a pointer really should always unambiguously be explicitly _either_ a kernel pointer, or a user pointer. You can't have "this is a pointer", and then try to figure it out by looking at the value. That may happen to work on x86-64, but it's literally a "happen to work on the most common architectures", not a design thing.
Don't be surprised if we see more separation like this in the future too.
So it's not a smart thing to code against even if you can discount all of the examples Linus gives above.
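The point about split address spaces is easy to see in a small model. The following is an added illustration, not kernel or BPF code from the thread: it models two physically separate 256-byte address spaces that share the same range of pointer values (as on sparc32 or the 4G:4G x86 split), a read helper that takes an explicit address-space tag, and a "guess from the value" helper of the kind Linus argues against. The names (`probe_read_as`, `guess_space_from_value`, the 0x80 boundary) are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical model: two separate address spaces, each 256 bytes, both
 * mapped at virtual addresses 0x00..0xff. Every pointer value is valid in
 * both, so the value alone cannot say which space was meant. */
enum addr_space { AS_KERNEL, AS_USER };

#define SPACE_SIZE 256
static uint8_t kernel_mem[SPACE_SIZE];
static uint8_t user_mem[SPACE_SIZE];

/* Constructed contents: kernel bytes are 'K', user bytes are 'U'. */
static void ensure_setup(void)
{
    static int done;
    if (done)
        return;
    memset(kernel_mem, 'K', sizeof kernel_mem);
    memset(user_mem, 'U', sizeof user_mem);
    done = 1;
}

/* Explicitly tagged read: the caller states which space it means.
 * Returns 0 on success, -1 (an EFAULT analogue) if the range is outside
 * the space. */
int probe_read_as(enum addr_space as, uintptr_t addr, void *dst, size_t len)
{
    const uint8_t *base = (as == AS_KERNEL) ? kernel_mem : user_mem;
    ensure_setup();
    if (len > SPACE_SIZE || addr > SPACE_SIZE - len)
        return -1;
    memcpy(dst, base + addr, len);
    return 0;
}

/* The design Linus objects to: decide the space by looking at the value.
 * On a split architecture there is no boundary that works, because the
 * same value is legitimately a kernel address and a user address. The
 * 0x80 threshold here is arbitrary on purpose. */
enum addr_space guess_space_from_value(uintptr_t addr)
{
    return addr >= 0x80 ? AS_KERNEL : AS_USER;
}

int probe_read_guessing(uintptr_t addr, void *dst, size_t len)
{
    return probe_read_as(guess_space_from_value(addr), addr, dst, len);
}

/* Convenience: read one byte with an explicit tag; -1 on fault. */
int read_byte_as(enum addr_space as, uintptr_t addr)
{
    uint8_t b;
    return probe_read_as(as, addr, &b, 1) < 0 ? -1 : b;
}

/* Returns 1 if the value-guessing reader returns the byte from the space
 * the caller actually intended, 0 if it silently read the other space. */
int guess_matches(enum addr_space intended, uintptr_t addr)
{
    uint8_t want, got;
    if (probe_read_as(intended, addr, &want, 1) < 0)
        return 0;
    if (probe_read_guessing(addr, &got, 1) < 0)
        return 0;
    return want == got;
}

int main(void)
{
    uintptr_t addr = 0x10;
    /* A caller that meant the kernel copy of 0x10 gets user memory instead. */
    printf("addr 0x%lx: explicit kernel read -> '%c', guessed read -> '%c'\n",
           (unsigned long)addr, read_byte_as(AS_KERNEL, addr),
           guess_matches(AS_KERNEL, addr) ? 'K' : 'U');
    return 0;
}
```

The explicit-tag helper can be wrong only if the caller passes the wrong tag, which is a bug at the call site and visible in review; the guessing helper is wrong for exactly half of every address range on this model and gives no error when it is, which is why the value-based approach is unsafe to build on even where it appears to work.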