ACK: [SRU][Trusty][PULL] Updates for CVE-2017-5753

Kleber Souza kleber.souza at canonical.com
Wed Nov 28 14:26:31 UTC 2018


On 11/13/18 5:11 PM, Juerg Haefliger wrote:
> CVE-2017-5753
>
> This pull request contains fix(es) for the following CVE(s): CVE-2017-5753
>
> Add Spectre v1 pointer masking in various places and some minor fixes to
> match upstream stable v4.9.
>
> Compile-tested all architectures.
>
> Signed-off-by: Juerg Haefliger <juergh at canonical.com>


Acked-by: Kleber Sacilotto de Souza <kleber.souza at canonical.com>


> ---
>
> The following changes since commit 75136bbc88ff3f96baa790d65e2826f64e5d5772:
>
>   drm: fix NULL pointer access by wrong ioctl (2018-11-07 22:47:19 -0500)
>
> are available in the Git repository at:
>
>   git://git.launchpad.net/~juergh/+git/trusty-linux update-spectre-v1
>
> for you to fetch changes up to d56fe24802964e8ba4eff3f4b2f7feab97d668ab:
>
>   tty: vt_ioctl: fix potential Spectre v1 (2018-11-12 16:37:46 +0100)
>
> ----------------------------------------------------------------
> Dan Williams (2):
>       x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec()
>       x86/speculation: Fix up array_index_nospec_mask() asm constraint
>
> Gustavo A. R. Silva (8):
>       net: atm: Fix potential Spectre v1
>       atm: zatm: Fix potential Spectre v1
>       kernel/sys.c: fix potential Spectre v1 issue
>       HID: hiddev: fix potential Spectre v1
>       atm: zatm: Fix potential Spectre v1
>       net: cxgb3_main: fix potential Spectre v1
>       misc: hmc6352: fix potential Spectre v1
>       tty: vt_ioctl: fix potential Spectre v1
>
> Jeremy Cline (4):
>       netlink: Fix spectre v1 gadget in netlink_create()
>       net: socket: fix potential spectre v1 gadget in socketcall
>       ext4: fix spectre gadget in ext4_mb_regular_allocator()
>       fs/quota: Fix spectre gadget in do_quotactl
>
> John Garry (1):
>       libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
>
> Peter Zijlstra (2):
>       perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
>       perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
>
> Takashi Iwai (7):
>       ALSA: opl3: Hardening for potential Spectre v1
>       ALSA: asihpi: Hardening for potential Spectre v1
>       ALSA: hdspm: Hardening for potential Spectre v1
>       ALSA: rme9652: Hardening for potential Spectre v1
>       ALSA: control: Hardening for potential Spectre v1
>       ALSA: seq: oss: Hardening for potential Spectre v1
>       ALSA: hda: Hardening for potential Spectre v1
>
>  arch/x86/include/asm/barrier.h                  |  4 +-
>  arch/x86/kernel/cpu/perf_event.c                |  8 ++-
>  drivers/ata/libahci.c                           |  7 ++-
>  drivers/atm/zatm.c                              |  5 ++
>  drivers/hid/usbhid/hiddev.c                     | 11 ++++
>  drivers/misc/hmc6352.c                          |  2 +
>  drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c |  2 +
>  drivers/tty/vt/vt_ioctl.c                       |  4 ++
>  fs/ext4/mballoc.c                               |  4 +-
>  fs/quota/quota.c                                |  2 +
>  include/sound/control.h                         |  7 ++-
>  kernel/sys.c                                    |  4 ++
>  net/atm/lec.c                                   |  9 ++-
>  net/netlink/af_netlink.c                        |  2 +
>  net/socket.c                                    |  2 +
>  sound/core/seq/oss/seq_oss_event.c              | 15 +++--
>  sound/core/seq/oss/seq_oss_midi.c               |  2 +
>  sound/core/seq/oss/seq_oss_synth.c              | 75 ++++++++++++++-----------
>  sound/core/seq/oss/seq_oss_synth.h              |  3 +-
>  sound/drivers/opl3/opl3_synth.c                 |  7 ++-
>  sound/pci/asihpi/hpimsginit.c                   | 13 +++--
>  sound/pci/asihpi/hpioctl.c                      |  4 +-
>  sound/pci/hda/hda_hwdep.c                       | 12 +++-
>  sound/pci/rme9652/hdspm.c                       | 24 ++++----
>  sound/pci/rme9652/rme9652.c                     |  6 +-
>  25 files changed, 164 insertions(+), 70 deletions(-)
>




More information about the kernel-team mailing list