--- /dev/null
+From d91372b3cc092fb573ad0ed3edba584dcc3913da Mon Sep 17 00:00:00 2001
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Date: Wed, 4 Sep 2019 12:27:18 +0200
+Subject: x86/ptrace: fix up botched merge of spectrev1 fix
+
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+I incorrectly merged commit 31a2fbb390fe ("x86/ptrace: Fix possible
+spectre-v1 in ptrace_get_debugreg()") when backporting it, as was
+graciously pointed out at
+https://grsecurity.net/teardown_of_a_failed_linux_lts_spectre_fix.php
+
+Resolve the upstream difference with the stable kernel merge to properly
+protect things.
+
+Reported-by: Brad Spengler <spender@grsecurity.net>
+Cc: Dianzhang Chen <dianzhangchen0@gmail.com>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Cc: <bp@alien8.de>
+Cc: <hpa@zytor.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kernel/ptrace.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+--- a/arch/x86/kernel/ptrace.c
++++ b/arch/x86/kernel/ptrace.c
+@@ -644,11 +644,10 @@ static unsigned long ptrace_get_debugreg
+ {
+ struct thread_struct *thread = &tsk->thread;
+ unsigned long val = 0;
+- int index = n;
+
+ if (n < HBP_NUM) {
++ int index = array_index_nospec(n, HBP_NUM);
+ struct perf_event *bp = thread->ptrace_bps[index];
+- index = array_index_nospec(index, HBP_NUM);
+
+ if (bp)
+ val = bp->hw.info.address;
projects / thirdparty / kernel / stable-queue.git / commitdiff
