Re: [PATCH net] vhost: Fix Spectre V1 vulnerability

From: David Miller
Date: Wed Oct 31 2018 - 15:39:57 EST

Next message: thesven73: "[PATCH anybus v2 0/5] Support HMS Profinet Card over Anybus"
Previous message: ndesaulniers: "[PATCH v3] include/linux/compiler*.h: define asm_volatile_goto"
In reply to: Jason Wang: "[PATCH net] vhost: Fix Spectre V1 vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jason Wang <jasowang@xxxxxxxxxx>
Date: Tue, 30 Oct 2018 14:10:49 +0800

> The idx in vhost_vring_ioctl() was controlled by userspace, hence a
> potential exploitation of the Spectre variant 1 vulnerability.
>
> Fixing this by sanitizing idx before using it to index d->vqs.
>
> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx>
> Cc: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
> Cc: Andrea Arcangeli <aarcange@xxxxxxxxxx>
> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx>

Applied and queued up for -stable.

Next message: thesven73: "[PATCH anybus v2 0/5] Support HMS Profinet Card over Anybus"
Previous message: ndesaulniers: "[PATCH v3] include/linux/compiler*.h: define asm_volatile_goto"
In reply to: Jason Wang: "[PATCH net] vhost: Fix Spectre V1 vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]