Re: [PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-12 Thread James Bottomley
On Fri, 2018-01-12 at 08:27 +0100, Greg KH wrote: > On Thu, Jan 11, 2018 at 02:15:12PM -0800, Dan Williams wrote: > > > > On Sat, Jan 6, 2018 at 1:03 AM, Greg KH > > wrote: > > > > > > On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote: > > > > > > > >

Re: [PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-12 Thread James Bottomley
On Fri, 2018-01-12 at 08:27 +0100, Greg KH wrote: > On Thu, Jan 11, 2018 at 02:15:12PM -0800, Dan Williams wrote: > > > > On Sat, Jan 6, 2018 at 1:03 AM, Greg KH > > wrote: > > > > > > On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote: > > > > > > > > Static analysis reports that

Re: [PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-11 Thread Greg KH
On Thu, Jan 11, 2018 at 02:15:12PM -0800, Dan Williams wrote: > On Sat, Jan 6, 2018 at 1:03 AM, Greg KH wrote: > > On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote: > >> Static analysis reports that 'handle' may be a user controlled value > >> that is used

Re: [PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-11 Thread Greg KH
On Thu, Jan 11, 2018 at 02:15:12PM -0800, Dan Williams wrote: > On Sat, Jan 6, 2018 at 1:03 AM, Greg KH wrote: > > On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote: > >> Static analysis reports that 'handle' may be a user controlled value > >> that is used as a data dependency to read

Re: [PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-11 Thread Dan Williams
On Sat, Jan 6, 2018 at 1:03 AM, Greg KH wrote: > On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote: >> Static analysis reports that 'handle' may be a user controlled value >> that is used as a data dependency to read 'sp' from the >> 'req->outstanding_cmds'

Re: [PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-11 Thread Dan Williams
On Sat, Jan 6, 2018 at 1:03 AM, Greg KH wrote: > On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote: >> Static analysis reports that 'handle' may be a user controlled value >> that is used as a data dependency to read 'sp' from the >> 'req->outstanding_cmds' array. In order to avoid

Re: [PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-06 Thread Greg KH
On Sat, Jan 06, 2018 at 10:03:22AM +0100, Greg KH wrote: > On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote: > > Static analysis reports that 'handle' may be a user controlled value > > that is used as a data dependency to read 'sp' from the > > 'req->outstanding_cmds' array. In order

Re: [PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-06 Thread Greg KH
On Sat, Jan 06, 2018 at 10:03:22AM +0100, Greg KH wrote: > On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote: > > Static analysis reports that 'handle' may be a user controlled value > > that is used as a data dependency to read 'sp' from the > > 'req->outstanding_cmds' array. In order

Re: [PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-06 Thread Greg KH
On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote: > Static analysis reports that 'handle' may be a user controlled value > that is used as a data dependency to read 'sp' from the > 'req->outstanding_cmds' array. In order to avoid potential leaks of > kernel memory values, block

Re: [PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-06 Thread Greg KH
On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote: > Static analysis reports that 'handle' may be a user controlled value > that is used as a data dependency to read 'sp' from the > 'req->outstanding_cmds' array. In order to avoid potential leaks of > kernel memory values, block

[PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-05 Thread Dan Williams
Static analysis reports that 'handle' may be a user controlled value that is used as a data dependency to read 'sp' from the 'req->outstanding_cmds' array. In order to avoid potential leaks of kernel memory values, block speculative execution of the instruction stream that could issue reads based

[PATCH 10/18] qla2xxx: prevent bounds-check bypass via speculative execution

2018-01-05 Thread Dan Williams
Static analysis reports that 'handle' may be a user controlled value that is used as a data dependency to read 'sp' from the 'req->outstanding_cmds' array. In order to avoid potential leaks of kernel memory values, block speculative execution of the instruction stream that could issue reads based