iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/arch
History
Julien Thierry f8c5a575c5 ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit 
Commit 621afc677465db231662ed126ae1f355bf8eac47 upstream.

A mispredicted conditional call to set_fs could result in the wrong
addr_limit being forwarded under speculation to a subsequent access_ok
check, potentially forming part of a spectre-v1 attack using uaccess
routines.

This patch prevents this forwarding from taking place, but putting heavy
barriers in set_fs after writing the addr_limit.

Porting commit c2f0ad4fc089cff8 ("arm64: uaccess: Prevent speculative use
of the current addr_limit").

Signed-off-by: Julien Thierry <julien.thierry@arm.com>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: David A. Long <dave.long@linaro.org>
Reviewed-by: Julien Thierry <julien.thierry@arm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-11-10 11:21:34 +01:00
..
alpha
alpha: Fix Eiger NR_IRQS to 128
2019-02-20 10:13:22 +01:00
arc
ARC: export "abort" for modules
2019-09-21 07:12:54 +02:00
arm
ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit
2019-11-10 11:21:34 +01:00
arm64
ARM: 8481/2: drivers: psci: replace psci firmware calls
2019-11-10 11:21:16 +01:00
avr32
avr32: off by one in at32_init_pio()
2016-10-07 15:23:45 +02:00
blackfin
pinctrl: adi2: Fix Kconfig build problem
2017-12-20 10:05:00 +01:00
c6x
c6x/ptrace: Remove useless PTRACE_SETREGSET implementation
2017-03-31 09:49:53 +02:00
cris
mm: replace get_user_pages() write/force parameters with gup_flags
2018-12-17 21:55:16 +01:00
frv
futex: Remove duplicated code and fix undefined behaviour
2018-05-26 08:48:50 +02:00
h8300
h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux-
2019-04-27 09:33:48 +02:00
hexagon
hexagon: modify ffs() and fls() to return int
2018-10-10 08:52:12 +02:00
ia64
ia64:unwind: fix double free for mod->arch.init_unw_table
2019-10-05 12:27:47 +02:00
m32r
m32r: fix __get_user()
2016-09-24 10:07:43 +02:00
m68k
bug.h: work around GCC PR82365 in BUG()
2019-07-10 09:56:42 +02:00
metag
metag/uaccess: Check access_ok in strncpy_from_user
2017-05-25 14:30:16 +02:00
microblaze
microblaze: Fix simpleImage format generation
2018-08-06 16:24:39 +02:00
mips
MIPS: bmips: mark exception vectors as char arrays
2019-11-10 11:21:09 +01:00
mn10300
mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy
2018-02-16 20:09:47 +01:00
nios2
nios2: reserve boot memory for device tree
2017-04-12 12:38:34 +02:00
openrisc
kthread: fix boot hang (regression) on MIPS/OpenRISC
2018-09-19 22:48:55 +02:00
parisc
parisc: Fix vmap memory leak in ioremap()/iounmap()
2019-10-29 09:13:29 +01:00
powerpc
powerpc/powernv: Restrict OPAL symbol map to only be readable by root
2019-10-17 13:40:53 -07:00
s390
s390/cmm: fix information leak in cmm_timeout_handler()
2019-11-06 12:09:21 +01:00
score
score: fix copy_from_user() and friends
2016-09-24 10:07:44 +02:00
sh
sh: kernel: hw_breakpoint: Fix missing break in switch statement
2019-08-25 10:52:55 +02:00
sparc
bug.h: work around GCC PR82365 in BUG()
2019-07-10 09:56:42 +02:00
tile
futex: Remove duplicated code and fix undefined behaviour
2018-05-26 08:48:50 +02:00
um
um: Silence lockdep complaint about mmap_sem
2019-08-04 09:34:58 +02:00
unicore32
x86
efi/x86: Do not clean dummy variable in kexec path
2019-11-06 12:09:14 +01:00
xtensa
xtensa: drop EXPORT_SYMBOL for outs*/ins*
2019-10-29 09:13:29 +01:00
.gitignore
Kconfig