Re: [PATCH] staging: wfx: fix potential vulnerability to spectre
On Fri, Oct 11, 2019 at 12:35:36PM +, Jerome Pouiller wrote: > On Friday 11 October 2019 14:10:35 CEST Greg Kroah-Hartman wrote: > > On Fri, Oct 11, 2019 at 10:15:54AM +, Jerome Pouiller wrote: > > > From: Jérôme Pouiller > > > > > > array_index_nospec() should be applied after a bound check. > > > > > > Fixes: 9bca45f3d6924f19f29c0d019e961af3f41bdc9e ("staging: wfx: allow to > > > send 802.11 frames") > > > > No need for the full sha1, this should be: > > Fixes: 9bca45f3d692 ("staging: wfx: allow to send 802.11 frames") > > I copy-pasted information from kbuild robot notification. > > I suggest that commit-id in robot notification is also cut down to 12 > characters. Or even better, to use this snippet: > > If you fix the issue, kindly add following tag > Reported-by: kbuild test robot > Fixes: 9bca45f3d692 ("staging: wfx: allow to send 802.11 frames") > > (I added l...@lists.01.org in CC but, I am not sure it is the correct > ML. I am sorry if it is not the case) tree: https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git staging-testing head: d49d1c76b96ebf39539e93d5ab7943a01ef70e4f commit: 9bca45f3d6924f19f29c0d019e961af3f41bdc9e [55/111] staging: wfx: allow to send 802.11 frames If you cut and paste then you the "[55/111] " text isn't right either. Also kbuild works on rebase-able trees as well as non-rebase/published trees so the hash could change as well. I am a little bit surprised that checkpatch.pl doesn't complain about this, though. You could consider adding that? regards, dan carpenter ___ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
Re: [PATCH] staging: wfx: fix potential vulnerability to spectre
On Friday 11 October 2019 14:10:35 CEST Greg Kroah-Hartman wrote: > On Fri, Oct 11, 2019 at 10:15:54AM +, Jerome Pouiller wrote: > > From: Jérôme Pouiller > > > > array_index_nospec() should be applied after a bound check. > > > > Fixes: 9bca45f3d6924f19f29c0d019e961af3f41bdc9e ("staging: wfx: allow to > > send 802.11 frames") > > No need for the full sha1, this should be: > Fixes: 9bca45f3d692 ("staging: wfx: allow to send 802.11 frames") I copy-pasted information from kbuild robot notification. I suggest that commit-id in robot notification is also cut down to 12 characters. Or even better, to use this snippet: If you fix the issue, kindly add following tag Reported-by: kbuild test robot Fixes: 9bca45f3d692 ("staging: wfx: allow to send 802.11 frames") (I added l...@lists.01.org in CC but, I am not sure it is the correct ML. I am sorry if it is not the case) -- Jérôme Pouiller ___ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
Re: [PATCH] staging: wfx: fix potential vulnerability to spectre
On Fri, Oct 11, 2019 at 10:15:54AM +, Jerome Pouiller wrote: > From: Jérôme Pouiller > > array_index_nospec() should be applied after a bound check. > > Fixes: 9bca45f3d6924f19f29c0d019e961af3f41bdc9e ("staging: wfx: allow to send > 802.11 frames") No need for the full sha1, this should be: Fixes: 9bca45f3d692 ("staging: wfx: allow to send 802.11 frames") The command: git show -s --abbrev-commit --abbrev=12 --pretty=format:"%h (\"%s\")%n" will provide it in the correct format. Can you fix this up and resend? thanks, greg k-h ___ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
[PATCH] staging: wfx: fix potential vulnerability to spectre
From: Jérôme Pouiller array_index_nospec() should be applied after a bound check. Fixes: 9bca45f3d6924f19f29c0d019e961af3f41bdc9e ("staging: wfx: allow to send 802.11 frames") Reported-by: kbuild test robot Reported-by: Dan Carpenter Signed-off-by: Jérôme Pouiller --- drivers/staging/wfx/wfx.h | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/staging/wfx/wfx.h b/drivers/staging/wfx/wfx.h index 489836837b0a..4c0f2836015c 100644 --- a/drivers/staging/wfx/wfx.h +++ b/drivers/staging/wfx/wfx.h @@ -138,6 +138,7 @@ static inline struct wfx_vif *wdev_to_wvif(struct wfx_dev *wdev, int vif_id) dev_dbg(wdev->dev, "requesting non-existent vif: %d\n", vif_id); return NULL; } + vif_id = array_index_nospec(vif_id, ARRAY_SIZE(wdev->vif)); if (!wdev->vif[vif_id]) { dev_dbg(wdev->dev, "requesting non-allocated vif: %d\n", vif_id); return NULL; -- 2.20.1 ___ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel