net: atm: Fix potential Spectre v1 vulnerabilities - linux

diff options

author	Gustavo A. R. Silva <gustavo@embeddedor.com>	2019-04-15 22:57:23 +0200
committer	David S. Miller <davem@davemloft.net>	2019-04-17 06:01:45 +0200
commit	899537b73557aafbdd11050b501cf54b4f5c45af (patch)
tree	fb231860e44e0e39982d5bf475c569b79bce1003 /net/atm/mpoa_caches.h
parent	net/core: work around section mismatch warning for ptp_classifier (diff)
download	linux-899537b73557aafbdd11050b501cf54b4f5c45af.tar.xz linux-899537b73557aafbdd11050b501cf54b4f5c45af.zip

net: atm: Fix potential Spectre v1 vulnerabilities

arg is controlled by user-space, hence leading to a potential exploitation of the Spectre variant 1 vulnerability. This issue was detected with the help of Smatch: net/atm/lec.c:715 lec_mcast_attach() warn: potential spectre issue 'dev_lec' [r] (local cap) Fix this by sanitizing arg before using it to index dev_lec. Notice that given that speculation windows are large, the policy is to kill the speculation on the first load and not worry if it can be completed with a dependent load/store [1]. [1] https://lore.kernel.org/lkml/20180423164740.GY17484@dhcp22.suse.cz/ Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to 'net/atm/mpoa_caches.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: