| Message ID | 20180606142052.32684-1-juergh@canonical.com |
|---|---|
| Headers | show |
| Series | Prevent speculation on user controlled pointer (LP #1775137) | expand |
On 06.06.2018 07:20, Juerg Haefliger wrote: > BugLink: https://bugs.launchpad.net/bugs/1775137 > > This patchset adds the missing Spectre v1 mitigation for speculating on user controlled pointers. > > == SRU Justification == > Upstream's Spectre v1 mitigation prevents speculation on a user controlled pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other stable upstream kernels include it, so add it to our older kernels. > > == Fix == > Backport the following patches: > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > > == Regression Potential == > Low. Patches have been in upstream (and other distro kernels) for quite a while now and the changes only introduce a barrier on copy_from_user operations. > > == Test Case == > TBD. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > > > Dan Williams (3): > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > > Linus Torvalds (2): > x86: reorganize SMAP handling in user space accesses > x86: fix SMAP in 32-bit environments > > arch/x86/include/asm/uaccess.h | 64 ++++++++++++++------- > arch/x86/include/asm/uaccess_32.h | 26 +++++++++ > arch/x86/include/asm/uaccess_64.h | 94 ++++++++++++++++++++++--------- > arch/x86/lib/usercopy_32.c | 20 +++---- > 4 files changed, 147 insertions(+), 57 deletions(-) > Looking at the patches they seem to match what they claim to do. I am just wondering whether there would be a slightly better way to point out backport decisions like that "don't use <something> in <function>" in the last patch. Maybe that could be a comment in the associated bug report? But anyway, Acked-by: Stefan Bader <stefan.bader@canonical.com>
On 06/06/18 07:20, Juerg Haefliger wrote: > BugLink: https://bugs.launchpad.net/bugs/1775137 > > This patchset adds the missing Spectre v1 mitigation for speculating on user controlled pointers. > > == SRU Justification == > Upstream's Spectre v1 mitigation prevents speculation on a user controlled pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other stable upstream kernels include it, so add it to our older kernels. > > == Fix == > Backport the following patches: > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > > == Regression Potential == > Low. Patches have been in upstream (and other distro kernels) for quite a while now and the changes only introduce a barrier on copy_from_user operations. > > == Test Case == > TBD. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > > > Dan Williams (3): > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > > Linus Torvalds (2): > x86: reorganize SMAP handling in user space accesses > x86: fix SMAP in 32-bit environments > > arch/x86/include/asm/uaccess.h | 64 ++++++++++++++------- > arch/x86/include/asm/uaccess_32.h | 26 +++++++++ > arch/x86/include/asm/uaccess_64.h | 94 ++++++++++++++++++++++--------- > arch/x86/lib/usercopy_32.c | 20 +++---- > 4 files changed, 147 insertions(+), 57 deletions(-) > Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Please hold off applying this. It needs to come after the below patchset which (amongst other things) introduces the barrier_nospec macro: [SRU][Xenial][PULL] Update to upstream's implementation of Spectre v1 mitigation (LP: #1774181) ...Juerg On 06/06/2018 04:20 PM, Juerg Haefliger wrote: > BugLink: https://bugs.launchpad.net/bugs/1775137 > > This patchset adds the missing Spectre v1 mitigation for speculating on user controlled pointers. > > == SRU Justification == > Upstream's Spectre v1 mitigation prevents speculation on a user controlled pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other stable upstream kernels include it, so add it to our older kernels. > > == Fix == > Backport the following patches: > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > > == Regression Potential == > Low. Patches have been in upstream (and other distro kernels) for quite a while now and the changes only introduce a barrier on copy_from_user operations. > > == Test Case == > TBD. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > > > Dan Williams (3): > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > > Linus Torvalds (2): > x86: reorganize SMAP handling in user space accesses > x86: fix SMAP in 32-bit environments > > arch/x86/include/asm/uaccess.h | 64 ++++++++++++++------- > arch/x86/include/asm/uaccess_32.h | 26 +++++++++ > arch/x86/include/asm/uaccess_64.h | 94 ++++++++++++++++++++++--------- > arch/x86/lib/usercopy_32.c | 20 +++---- > 4 files changed, 147 insertions(+), 57 deletions(-) >
Applied to xenial On 2018-06-06 16:20:47 , Juerg Haefliger wrote: > BugLink: https://bugs.launchpad.net/bugs/1775137 > > This patchset adds the missing Spectre v1 mitigation for speculating on user controlled pointers. > > == SRU Justification == > Upstream's Spectre v1 mitigation prevents speculation on a user controlled pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other stable upstream kernels include it, so add it to our older kernels. > > == Fix == > Backport the following patches: > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > > == Regression Potential == > Low. Patches have been in upstream (and other distro kernels) for quite a while now and the changes only introduce a barrier on copy_from_user operations. > > == Test Case == > TBD. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > > > Dan Williams (3): > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > > Linus Torvalds (2): > x86: reorganize SMAP handling in user space accesses > x86: fix SMAP in 32-bit environments > > arch/x86/include/asm/uaccess.h | 64 ++++++++++++++------- > arch/x86/include/asm/uaccess_32.h | 26 +++++++++ > arch/x86/include/asm/uaccess_64.h | 94 ++++++++++++++++++++++--------- > arch/x86/lib/usercopy_32.c | 20 +++---- > 4 files changed, 147 insertions(+), 57 deletions(-) > > -- > 2.17.1 > > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team
Juerg I applied this patchset to Xenial, but the bug also affects trusty. Was this supposed to have been applied to Trusty too? Is there another patchset for trusty coming? On 2018-06-07 18:06:42 , Khaled Elmously wrote: > Applied to xenial > > > On 2018-06-06 16:20:47 , Juerg Haefliger wrote: > > BugLink: https://bugs.launchpad.net/bugs/1775137 > > > > This patchset adds the missing Spectre v1 mitigation for speculating on user controlled pointers. > > > > == SRU Justification == > > Upstream's Spectre v1 mitigation prevents speculation on a user controlled pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other stable upstream kernels include it, so add it to our older kernels. > > > > == Fix == > > Backport the following patches: > > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > > > > == Regression Potential == > > Low. Patches have been in upstream (and other distro kernels) for quite a while now and the changes only introduce a barrier on copy_from_user operations. > > > > == Test Case == > > TBD. > > > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > > > > > > Dan Williams (3): > > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > > > > Linus Torvalds (2): > > x86: reorganize SMAP handling in user space accesses > > x86: fix SMAP in 32-bit environments > > > > arch/x86/include/asm/uaccess.h | 64 ++++++++++++++------- > > arch/x86/include/asm/uaccess_32.h | 26 +++++++++ > > arch/x86/include/asm/uaccess_64.h | 94 ++++++++++++++++++++++--------- > > arch/x86/lib/usercopy_32.c | 20 +++---- > > 4 files changed, 147 insertions(+), 57 deletions(-) > > > > -- > > 2.17.1 > > > > > > -- > > kernel-team mailing list > > kernel-team@lists.ubuntu.com > > https://lists.ubuntu.com/mailman/listinfo/kernel-team
BugLink: https://bugs.launchpad.net/bugs/1775137 This patchset adds the missing Spectre v1 mitigation for speculating on user controlled pointers. == SRU Justification == Upstream's Spectre v1 mitigation prevents speculation on a user controlled pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other stable upstream kernels include it, so add it to our older kernels. == Fix == Backport the following patches: x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec == Regression Potential == Low. Patches have been in upstream (and other distro kernels) for quite a while now and the changes only introduce a barrier on copy_from_user operations. == Test Case == TBD. Signed-off-by: Juerg Haefliger <juergh@canonical.com> Dan Williams (3): x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec Linus Torvalds (2): x86: reorganize SMAP handling in user space accesses x86: fix SMAP in 32-bit environments arch/x86/include/asm/uaccess.h | 64 ++++++++++++++------- arch/x86/include/asm/uaccess_32.h | 26 +++++++++ arch/x86/include/asm/uaccess_64.h | 94 ++++++++++++++++++++++--------- arch/x86/lib/usercopy_32.c | 20 +++---- 4 files changed, 147 insertions(+), 57 deletions(-)