Revision - 899537b - net: atm: Fix potential Spectre v1 vulnerabilities - origin: https://github.com/torvalds/linux

visit type:

https://github.com/torvalds/linux

13 June 2022, 11:31:42 UTC

Revision 899537b73557aafbdd11050b501cf54b4f5c45af authored by Gustavo A. R. Silva on 15 April 2019, 20:57:23 UTC, committed by David S. Miller on 17 April 2019, 04:01:45 UTC

net: atm: Fix potential Spectre v1 vulnerabilities

arg is controlled by user-space, hence leading to a potential
exploitation of the Spectre variant 1 vulnerability.

This issue was detected with the help of Smatch:

net/atm/lec.c:715 lec_mcast_attach() warn: potential spectre issue 'dev_lec' [r] (local cap)

Fix this by sanitizing arg before using it to index dev_lec.

Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].

[1] https://lore.kernel.org/lkml/20180423164740.GY17484@dhcp22.suse.cz/

Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

1 parent ad910c7

Files
Changes

Permalinks

Tip revision: 899537b73557aafbdd11050b501cf54b4f5c45af authored by Gustavo A. R. Silva on 15 April 2019, 20:57:23 UTC
net: atm: Fix potential Spectre v1 vulnerabilities

Tip revision: 899537b

File	Mode	Size
ABI
EDID
PCI
RCU
accelerators
accounting
acpi
admin-guide
aoe
arm
arm64
auxdisplay
backlight
block
blockdev
bpf
bus-devices
cdrom
cgroup-v1
cma
connector
console
core-api
cpu-freq
crypto
dev-tools
device-mapper
devicetree
doc-guide
driver-api
driver-model
early-userspace
extcon
fault-injection
fb
features
filesystems
firmware_class
fmc
fpga
gpio
gpu
hid
hwmon
i2c
ia64
ide
iio
infiniband
input
interconnect
ioctl
isdn
kbuild
kdump
kernel-hacking
laptops
leds
lightnvm
livepatch
locking
m68k
maintainer
md
media
memory-devices
mic
mips
misc-devices
mmc
mtd
namespaces
netlabel
networking
nfc
nios2
nvdimm
nvmem
openrisc
parisc
pcmcia
perf
phy
platform
power
powerpc
pps
process
pti
ptp
rapidio
riscv
s390
scheduler
scsi
security
serial
sh
sound
sparc
sphinx
sphinx-static
spi
sysctl
target
thermal
timers
trace
translations
usb
userspace-api
virtual
vm
w1
watchdog
wimax
x86
xilinx
xtensa
.gitignore	-rw-r--r--	13 bytes
Changes	l---------	19 bytes
CodingStyle	-rw-r--r--	48 bytes
DMA-API-HOWTO.txt	-rw-r--r--	32.8 KB
DMA-API.txt	-rw-r--r--	27.5 KB
DMA-ISA-LPC.txt	-rw-r--r--	5.1 KB
DMA-attributes.txt	-rw-r--r--	6.9 KB
IPMI.txt	-rw-r--r--	29.7 KB
IRQ-affinity.txt	-rw-r--r--	2.5 KB
IRQ-domain.txt	-rw-r--r--	10.9 KB
IRQ.txt	-rw-r--r--	994 bytes
Intel-IOMMU.txt	-rw-r--r--	3.9 KB
Makefile	-rw-r--r--	4.5 KB
SAK.txt	-rw-r--r--	3.0 KB
SM501.txt	-rw-r--r--	2.8 KB
SubmittingPatches	-rw-r--r--	54 bytes
atomic_bitops.txt	-rw-r--r--	1.5 KB
atomic_t.txt	-rw-r--r--	5.5 KB
bt8xxgpio.txt	-rw-r--r--	4.0 KB
btmrvl.txt	-rw-r--r--	2.7 KB
bus-virt-phys-mapping.txt	-rw-r--r--	8.0 KB
clearing-warn-once.txt	-rw-r--r--	224 bytes
conf.py	-rw-r--r--	19.3 KB
cpu-load.txt	-rw-r--r--	3.0 KB
cputopology.txt	-rw-r--r--	5.6 KB
crc32.txt	-rw-r--r--	8.6 KB
dcdbas.txt	-rw-r--r--	3.9 KB
debugging-modules.txt	-rw-r--r--	954 bytes
debugging-via-ohci1394.txt	-rw-r--r--	7.5 KB
dell_rbu.txt	-rw-r--r--	5.0 KB
digsig.txt	-rw-r--r--	3.0 KB
docutils.conf	-rw-r--r--	158 bytes
dontdiff	-rw-r--r--	2.5 KB
efi-stub.txt	-rw-r--r--	3.8 KB
eisa.txt	-rw-r--r--	7.6 KB
futex-requeue-pi.txt	-rw-r--r--	5.1 KB
gcc-plugins.txt	-rw-r--r--	2.9 KB
highuid.txt	-rw-r--r--	2.6 KB
hw_random.txt	-rw-r--r--	3.8 KB
hwspinlock.txt	-rw-r--r--	12.5 KB
index.rst	-rw-r--r--	3.0 KB
intel_txt.txt	-rw-r--r--	10.3 KB
io-mapping.txt	-rw-r--r--	3.3 KB
io_ordering.txt	-rw-r--r--	2.0 KB
iostats.txt	-rw-r--r--	8.7 KB
irqflags-tracing.txt	-rw-r--r--	2.3 KB
isa.txt	-rw-r--r--	5.1 KB
isapnp.txt	-rw-r--r--	492 bytes
kernel-per-CPU-kthreads.txt	-rw-r--r--	13.3 KB
kobject.txt	-rw-r--r--	18.5 KB
kprobes.txt	-rw-r--r--	30.3 KB
kref.txt	-rw-r--r--	8.9 KB
ldm.txt	-rw-r--r--	4.6 KB
lockup-watchdogs.txt	-rw-r--r--	4.1 KB
logo.gif	-rw-r--r--	16.0 KB
logo.txt	-rw-r--r--	563 bytes
lsm.txt	-rw-r--r--	10.5 KB
lzo.txt	-rw-r--r--	9.1 KB
mailbox.txt	-rw-r--r--	4.4 KB
memory-barriers.txt	-rw-r--r--	114.6 KB
men-chameleon-bus.txt	-rw-r--r--	5.7 KB
nommu-mmap.txt	-rw-r--r--	12.4 KB
ntb.txt	-rw-r--r--	10.8 KB
numastat.txt	-rw-r--r--	1.0 KB
padata.txt	-rw-r--r--	7.4 KB
parport-lowlevel.txt	-rw-r--r--	37.1 KB
percpu-rw-semaphore.txt	-rw-r--r--	1.1 KB
phy.txt	-rw-r--r--	7.8 KB
pi-futex.txt	-rw-r--r--	5.7 KB
pnp.txt	-rw-r--r--	7.0 KB
preempt-locking.txt	-rw-r--r--	5.6 KB
pwm.txt	-rw-r--r--	6.2 KB
rbtree.txt	-rw-r--r--	14.8 KB
remoteproc.txt	-rw-r--r--	12.6 KB
rfkill.txt	-rw-r--r--	5.0 KB
robust-futex-ABI.txt	-rw-r--r--	8.7 KB
robust-futexes.txt	-rw-r--r--	9.5 KB
rpmsg.txt	-rw-r--r--	13.1 KB
rtc.txt	-rw-r--r--	7.0 KB
sgi-ioc4.txt	-rw-r--r--	2.1 KB
siphash.txt	-rw-r--r--	6.3 KB
smsc_ece1099.txt	-rw-r--r--	2.5 KB
speculation.txt	-rw-r--r--	2.8 KB
static-keys.txt	-rw-r--r--	13.0 KB
svga.txt	-rw-r--r--	11.8 KB
switchtec.txt	-rw-r--r--	4.0 KB
sync_file.txt	-rw-r--r--	3.1 KB
tee.txt	-rw-r--r--	5.2 KB
this_cpu_ops.txt	-rw-r--r--	11.2 KB
unaligned-memory-access.txt	-rw-r--r--	10.4 KB
vfio-mediated-device.txt	-rw-r--r--	14.6 KB
vfio.txt	-rw-r--r--	21.2 KB
video-output.txt	-rw-r--r--	1.1 KB
xillybus.txt	-rw-r--r--	17.6 KB
xz.txt	-rw-r--r--	5.5 KB
zorro.txt	-rw-r--r--	2.9 KB

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...