ACK: [SRU][Xenial][PULL] Updates for Spectre v1 (CVE-2017-5753)
Stefan Bader
stefan.bader at canonical.com
Wed Apr 17 16:00:07 UTC 2019
On 10.04.19 14:00, Juerg Haefliger wrote:
> This pull request contains fix(es) for the following CVE(s):
> CVE-2017-5753
>
> Pull in the latest Spectre v1 fixes from mainline. All commits are either
> clean cherry-picks or simple backports (context adjustments only).
>
> The changes are fairly trivial and non-intrusive (low risk) in that they
> sprinkle array_index_nospec() calls over different places where an array
> index is user controllable.
>
> Compile-tested all supported architectures.
>
> Signed-off-by: Juerg Haefliger <juergh at canonical.com>
> ---
>
> The following changes since commit 4a18c9eb9b143743de8a54ffd31be81652d9ee93:
>
> Revert "module: Add retpoline tag to VERMAGIC" (2019-04-09 08:32:15 +0200)
>
> are available in the Git repository at:
>
> git://git.launchpad.net/~juergh/+git/xenial-linux update-spectre-v1
>
> for you to fetch changes up to 7b3e7388ac9296c2af6e025d1534ef4675d059aa:
>
> ALSA: seq: oss: Fix Spectre v1 vulnerability (2019-04-09 08:34:34 +0200)
>
> ----------------------------------------------------------------
> Breno Leitao (1):
> powerpc/ptrace: Mitigate potential Spectre v1
>
> Gustavo A. R. Silva (4):
> hwmon: (nct6775) Fix potential Spectre v1
> ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
> ALSA: rawmidi: Fix potential Spectre v1 vulnerability
> ALSA: seq: oss: Fix Spectre v1 vulnerability
>
> Jeremy Cline (2):
> net: socket: Fix potential spectre v1 gadget in sock_is_registered
> net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
>
> Jinbum Park (2):
> pktcdvd: Fix possible Spectre-v1 for pkt_devs
> mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
>
> Johannes Berg (1):
> cfg80211: prevent speculation on cfg80211_classify8021d() return
>
> Mark Rutland (2):
> arm64: fix possible spectre-v1 in ptrace_hbp_get_event()
> arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
>
> Martin Schwidefsky (1):
> s390/keyboard: sanitize array index in do_kdsk_ioctl
>
> Masashi Honma (1):
> nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
>
> Mauro Carvalho Chehab (1):
> media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
>
> Peter Zijlstra (1):
> sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
>
> Thomas Gleixner (1):
> posix-timers: Protect posix clock array access against speculation
>
> arch/arm64/kernel/ptrace.c | 33 +++++++++++++++++++++------------
> arch/powerpc/kernel/ptrace.c | 8 +++++++-
> drivers/block/pktcdvd.c | 3 +++
> drivers/char/ipmi/ipmi_msghandler.c | 6 ++++++
> drivers/hwmon/nct6775.c | 2 ++
> drivers/media/dvb-core/dvb_ca_en50221.c | 5 +++++
> drivers/net/wireless/mac80211_hwsim.c | 4 ++++
> drivers/s390/char/keyboard.c | 28 ++++++++++++++++------------
> kernel/sched/auto_group.c | 7 +++++--
> kernel/time/posix-timers.c | 11 ++++++++---
> net/core/sock_diag.c | 2 ++
> net/wireless/nl80211.c | 1 +
> net/wireless/util.c | 33 +++++++++++++++++++++++----------
> sound/core/rawmidi.c | 2 ++
> sound/core/seq/oss/seq_oss_synth.c | 7 ++++---
> 15 files changed, 109 insertions(+), 43 deletions(-)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20190417/b3601b4a/attachment.sig>
More information about the kernel-team
mailing list