]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c4fa56d) | patch
ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit
authorJulien Thierry <julien.thierry@arm.com>
Thu, 14 Feb 2019 14:49:19 +0000 (09:49 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 20 Feb 2019 09:18:26 +0000 (10:18 +0100)
commit0cb3209d8819b58ff85bee7e4cf14a5367c00c1a
treecffd9d4e99850b1d4d46f892af56b531633bf811tree | snapshot
parentc4fa56d36e8af8376bf6f1829a16a12e3cdfb284commit | diff
ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit

Commit 621afc677465db231662ed126ae1f355bf8eac47 upstream.

A mispredicted conditional call to set_fs could result in the wrong
addr_limit being forwarded under speculation to a subsequent access_ok
check, potentially forming part of a spectre-v1 attack using uaccess
routines.

This patch prevents this forwarding from taking place, but putting heavy
barriers in set_fs after writing the addr_limit.

Porting commit c2f0ad4fc089cff8 ("arm64: uaccess: Prevent speculative use
of the current addr_limit").

Signed-off-by: Julien Thierry <julien.thierry@arm.com>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: David A. Long <dave.long@linaro.org>
Reviewed-by: Julien Thierry <julien.thierry@arm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
arch/arm/include/asm/uaccess.h diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git