Re: [PATCH] atm: zatm: Fix potential Spectre v1

2018-05-04 Thread David Miller
From: "Gustavo A. R. Silva"
Date: Thu, 3 May 2018 13:17:12 -0500

> pool can be indirectly controlled by user-space, hence leading to
> a potential exploitation of the Spectre variant 1 vulnerability.
>
> This issue was detected with the help of Smatch:
>
> drivers/atm/zatm.c:1462 zatm_ioctl()

Re: [PATCH] atm: zatm: Fix potential Spectre v1

2018-05-03 Thread David Miller
From: Randy Dunlap
Date: Thu, 3 May 2018 12:09:40 -0700

> Just for (my) info: all of these types of patches are to prevent
> what is loaded in cache when the index is out of range, right?
> Not some random pool_info[random], but pool_info[valid, i.e., 0].
>
> Since the value of pool is already

Re: [PATCH] atm: zatm: Fix potential Spectre v1

2018-05-03 Thread Randy Dunlap
On 05/03/2018 11:17 AM, Gustavo A. R. Silva wrote:
> pool can be indirectly controlled by user-space, hence leading to
> a potential exploitation of the Spectre variant 1 vulnerability.
>
> This issue was detected with the help of Smatch:
>
> drivers/atm/zatm.c:1462 zatm_ioctl() warn: potential

[PATCH] atm: zatm: Fix potential Spectre v1

2018-05-03 Thread Gustavo A. R. Silva
pool can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre variant 1 vulnerability.

This issue was detected with the help of Smatch:

drivers/atm/zatm.c:1462 zatm_ioctl() warn: potential spectre issue 'zatm_dev->pool_info' (local cap)

Fix this by
