Re: [PATCH v3] hwrng: virtio: clamp device-reported used.len at copy_data()

Next message: Tomi Valkeinen: "[PATCH] media: imx219: Report streams using frame descriptors"
Previous message: Jagielski, Jedrzej: "RE: [PATCH net-next] i40e: Use common error handling code in i40e_register_auxiliary_dev()"
In reply to: Michael S. Tsirkin: "Re: [PATCH v3] hwrng: virtio: clamp device-reported used.len at copy_data()"
Next in thread: Michael S. Tsirkin: "Re: [PATCH v3] hwrng: virtio: clamp device-reported used.len at copy_data()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Herbert Xu

Date: Thu Jun 11 2026 - 05:19:44 EST

On Thu, Jun 11, 2026 at 05:10:32AM -0400, Michael S. Tsirkin wrote:
>
> data_avail is under hypervisor control
>
> avail = min_t(unsigned int, vi->data_avail, sizeof(vi->data));
> if (vi->data_idx >= avail) {
> vi->data_idx = 0;
>
> and maybe this can speculate past the if?
>
> I agree, this is all speculation )

Either it is vulnerable to Spectre, or it isn't. Adding nospec
markers when you're not sure is cargo cult programming.

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt