Revision - a538e3f - aio: fix spectre gadget in lookup_ioctx

Revision a538e3ff9dabcdf6c3f477a373c629213d1c3066 authored by Jeff Moyer on 11 December 2018, 17:37:49 UTC, committed by Jens Axboe on 11 December 2018, 18:45:50 UTC

aio: fix spectre gadget in lookup_ioctx

Matthew pointed out that the ioctx_table is susceptible to spectre v1,
because the index can be controlled by an attacker.  The below patch
should mitigate the attack for all of the aio system calls.

Cc: stable@vger.kernel.org
Reported-by: Matthew Wilcox <willy@infradead.org>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jeff Moyer <jmoyer@redhat.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

1 parent f55adad

Files
Changes

Permalinks

File	Mode	Size
Kconfig	-rw-r--r--	1.5 KB
Makefile	-rw-r--r--	409 bytes
caif_dev.c	-rw-r--r--	12.8 KB
caif_socket.c	-rw-r--r--	26.5 KB
caif_usb.c	-rw-r--r--	5.2 KB
cfcnfg.c	-rw-r--r--	14.2 KB
cfctrl.c	-rw-r--r--	15.7 KB
cfdbgl.c	-rw-r--r--	1.5 KB
cfdgml.c	-rw-r--r--	2.9 KB
cffrml.c	-rw-r--r--	4.5 KB
cfmuxl.c	-rw-r--r--	6.3 KB
cfpkt_skbuff.c	-rw-r--r--	8.3 KB
cfrfml.c	-rw-r--r--	6.3 KB
cfserl.c	-rw-r--r--	4.3 KB
cfsrvl.c	-rw-r--r--	5.5 KB
cfutill.c	-rw-r--r--	2.8 KB
cfveil.c	-rw-r--r--	2.5 KB
cfvidl.c	-rw-r--r--	1.7 KB
chnl_net.c	-rw-r--r--	13.1 KB

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...