Re: [PATCH 14/18] ipv4: prevent bounds-check bypass via speculative execution

From: Greg KH
Date: Sat Jan 06 2018 - 04:00:21 EST

Next message: Greg KH: "Re: [PATCH 14/18] ipv4: prevent bounds-check bypass via speculative execution"
Previous message: Greg KH: "Re: [PATCH v2 8/8] x86: Use IBRS for firmware update path"
In reply to: Dan Williams: "[PATCH 14/18] ipv4: prevent bounds-check bypass via speculative execution"
Next in thread: Greg KH: "Re: [PATCH 14/18] ipv4: prevent bounds-check bypass via speculative execution"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jan 05, 2018 at 05:11:10PM -0800, Dan Williams wrote:
> Static analysis reports that 'offset' may be a user controlled value
> that is used as a data dependency reading from a raw_frag_vec buffer.
> In order to avoid potential leaks of kernel memory values, block
> speculative execution of the instruction stream that could issue further
> reads based on an invalid '*(rfv->c + offset)' value.
>
> Based on an original patch by Elena Reshetova.

I thought we "proved" that this patch was not needed at all, based on
previous review. It doesn't look like that review cycle got
incorporated into this patch series at all, I guess I have to go back
and do it all again :(

thanks,

greg k-h

Next message: Greg KH: "Re: [PATCH 14/18] ipv4: prevent bounds-check bypass via speculative execution"
Previous message: Greg KH: "Re: [PATCH v2 8/8] x86: Use IBRS for firmware update path"
In reply to: Dan Williams: "[PATCH 14/18] ipv4: prevent bounds-check bypass via speculative execution"
Next in thread: Greg KH: "Re: [PATCH 14/18] ipv4: prevent bounds-check bypass via speculative execution"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]