Re: [PATCH] ptp: fix Spectre v1 vulnerability

From: Richard Cochran
Date: Tue Oct 16 2018 - 11:15:56 EST

Next message: Christopher Lameter: "Re: [patch] mm, slab: avoid high-order slab pages when it does not reduce waste"
Previous message: Tudor Ambarus: "Re: [PATCH v3 1/2] mtd: spi-nor: add support to non-uniform SFDP SPI NOR flash memories"
In reply to: Gustavo A. R. Silva: "[PATCH] ptp: fix Spectre v1 vulnerability"
Next in thread: David Miller: "Re: [PATCH] ptp: fix Spectre v1 vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Oct 16, 2018 at 03:06:41PM +0200, Gustavo A. R. Silva wrote:
> pin_index can be indirectly controlled by user-space, hence leading
> to a potential exploitation of the Spectre variant 1 vulnerability.
>
> This issue was detected with the help of Smatch:
>
> drivers/ptp/ptp_chardev.c:253 ptp_ioctl() warn: potential spectre issue
> 'ops->pin_config' [r] (local cap)
>
> Fix this by sanitizing pin_index before using it to index
> ops->pin_config, and before passing it as an argument to
> function ptp_set_pinfunc(), in which it is used to index
> info->pin_config.

Acked-by: Richard Cochran <richardcochran@xxxxxxxxx>

Next message: Christopher Lameter: "Re: [patch] mm, slab: avoid high-order slab pages when it does not reduce waste"
Previous message: Tudor Ambarus: "Re: [PATCH v3 1/2] mtd: spi-nor: add support to non-uniform SFDP SPI NOR flash memories"
In reply to: Gustavo A. R. Silva: "[PATCH] ptp: fix Spectre v1 vulnerability"
Next in thread: David Miller: "Re: [PATCH] ptp: fix Spectre v1 vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]