[SRU][Bionic][PULL] Updates for Spectre v1 (CVE-2017-5753)
Juerg Haefliger
juerg.haefliger at canonical.com
Wed Apr 10 11:57:03 UTC 2019
This pull request contains fix(es) for the following CVE(s):
CVE-2017-5753
Pull in the latest Spectre v1 fixes from mainline. All commits are either
clean cherry-picks or simple backports (context adjustments only).
The changes are fairly trivial and non-intrusive (low risk) in that they
sprinkle array_index_nospec() calls over different places where an array
index is user controllable.
Compile-tested all supported architectures.
Signed-off-by: Juerg Haefliger <juergh at canonical.com>
---
The following changes since commit bb55c24ff413a2877c5215195edf60db6f38f913:
UBUNTU: SAUCE: [Fix] x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (2019-04-09 08:26:44 +0200)
are available in the Git repository at:
git://git.launchpad.net/~juergh/+git/bionic-linux update-spectre-v1
for you to fetch changes up to f1216d8699cfc4ce0ba639633b0453f6974bb2ef:
ALSA: seq: oss: Fix Spectre v1 vulnerability (2019-04-10 13:52:46 +0200)
----------------------------------------------------------------
Breno Leitao (2):
HID: hiddev: fix potential Spectre v1
powerpc/ptrace: Mitigate potential Spectre v1
Davidlohr Bueso (1):
sysvipc/sem: mitigate semnum index against spectre v1
Gustavo A. R. Silva (25):
drm/amdgpu/pm: Fix potential Spectre v1
drm/i915/kvmgt: Fix potential Spectre v1
hwmon: (nct6775) Fix potential Spectre v1
switchtec: Fix Spectre v1 vulnerability
misc: hmc6352: fix potential Spectre v1
tty: vt_ioctl: fix potential Spectre v1
IB/ucm: Fix Spectre v1 vulnerability
RDMA/ucma: Fix Spectre v1 vulnerability
drm/bufs: Fix Spectre v1 vulnerability
usb: gadget: storage: Fix Spectre v1 vulnerability
ptp: fix Spectre v1 vulnerability
drivers/misc/sgi-gru: fix Spectre v1 vulnerability
ipv4: Fix potential Spectre v1 vulnerability
ALSA: emux: Fix potential Spectre v1 vulnerabilities
ALSA: pcm: Fix potential Spectre v1 vulnerability
ip6mr: Fix potential Spectre v1 vulnerability
ALSA: rme9652: Fix potential Spectre v1 vulnerability
ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
drm/ioctl: Fix Spectre v1 vulnerabilities
char/mwave: fix potential Spectre v1 vulnerability
applicom: Fix potential Spectre v1 vulnerabilities
ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
ALSA: rawmidi: Fix potential Spectre v1 vulnerability
ALSA: seq: oss: Fix Spectre v1 vulnerability
Jason Wang (1):
vhost: Fix Spectre V1 vulnerability
Jeff Moyer (1):
aio: fix spectre gadget in lookup_ioctx
Jeremy Cline (6):
net: socket: fix potential spectre v1 gadget in socketcall
net: socket: Fix potential spectre v1 gadget in sock_is_registered
netlink: Fix spectre v1 gadget in netlink_create()
ext4: fix spectre gadget in ext4_mb_regular_allocator()
net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
fs/quota: Fix spectre gadget in do_quotactl
Jinbum Park (2):
pktcdvd: Fix possible Spectre-v1 for pkt_devs
mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
Johannes Berg (1):
cfg80211: prevent speculation on cfg80211_classify8021d() return
John Garry (1):
libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
Mark Rutland (3):
KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_get_irq()
arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr()
Martin Schwidefsky (1):
s390/keyboard: sanitize array index in do_kdsk_ioctl
Masashi Honma (2):
nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
Mauro Carvalho Chehab (1):
media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
Michael Ellerman (1):
powerpc: Use barrier_nospec in copy_from_user()
arch/arm64/kernel/ptrace.c | 19 ++++++++-------
arch/powerpc/include/asm/uaccess.h | 11 ++++++++-
arch/powerpc/kernel/ptrace.c | 8 ++++++-
drivers/ata/libahci.c | 7 ++++--
drivers/block/pktcdvd.c | 4 +++-
drivers/char/applicom.c | 35 +++++++++++++++++++---------
drivers/char/ipmi/ipmi_msghandler.c | 6 +++++
drivers/char/mwave/mwavedd.c | 7 ++++++
drivers/gpu/drm/amd/amdgpu/amdgpu_pm.c | 2 ++
drivers/gpu/drm/drm_bufs.c | 3 +++
drivers/gpu/drm/drm_ioctl.c | 10 ++++++--
drivers/gpu/drm/i915/gvt/kvmgt.c | 9 ++++++-
drivers/hid/usbhid/hiddev.c | 18 ++++++++++----
drivers/hwmon/nct6775.c | 2 ++
drivers/infiniband/core/ucm.c | 3 +++
drivers/infiniband/core/ucma.c | 3 +++
drivers/media/dvb-core/dvb_ca_en50221.c | 5 ++++
drivers/misc/hmc6352.c | 2 ++
drivers/misc/sgi-gru/grukdump.c | 4 ++++
drivers/net/wireless/mac80211_hwsim.c | 4 ++++
drivers/pci/switch/switchtec.c | 4 ++++
drivers/ptp/ptp_chardev.c | 4 ++++
drivers/s390/char/keyboard.c | 28 ++++++++++++----------
drivers/tty/vt/vt_ioctl.c | 4 ++++
drivers/usb/gadget/function/f_mass_storage.c | 3 +++
drivers/vhost/vhost.c | 2 ++
fs/aio.c | 2 ++
fs/ext4/mballoc.c | 4 +++-
fs/quota/quota.c | 2 ++
ipc/sem.c | 18 ++++++++++----
net/core/sock_diag.c | 2 ++
net/ipv4/ipmr.c | 4 ++++
net/ipv6/ip6mr.c | 3 +++
net/netlink/af_netlink.c | 2 ++
net/socket.c | 2 ++
net/wireless/nl80211.c | 20 ++++++++++++----
net/wireless/util.c | 34 +++++++++++++++++++--------
sound/core/pcm.c | 2 ++
sound/core/rawmidi.c | 2 ++
sound/core/seq/oss/seq_oss_synth.c | 7 +++---
sound/pci/emu10k1/emufx.c | 5 ++++
sound/pci/rme9652/hdsp.c | 10 ++++----
sound/synth/emux/emux_hwdep.c | 7 ++++--
virt/kvm/arm/vgic/vgic-mmio-v2.c | 3 +++
virt/kvm/arm/vgic/vgic.c | 13 +++++++----
45 files changed, 273 insertions(+), 76 deletions(-)
More information about the kernel-team
mailing list