| Message ID | 20190410120035.6807-1-juergh@canonical.com |
|---|---|
| State | New |
| Headers | show |
| Series | [SRU,Xenial,PULL] Updates for Spectre v1 (CVE-2017-5753) | expand |
On 10.04.19 14:00, Juerg Haefliger wrote: > This pull request contains fix(es) for the following CVE(s): > CVE-2017-5753 > > Pull in the latest Spectre v1 fixes from mainline. All commits are either > clean cherry-picks or simple backports (context adjustments only). > > The changes are fairly trivial and non-intrusive (low risk) in that they > sprinkle array_index_nospec() calls over different places where an array > index is user controllable. > > Compile-tested all supported architectures. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > --- > > The following changes since commit 4a18c9eb9b143743de8a54ffd31be81652d9ee93: > > Revert "module: Add retpoline tag to VERMAGIC" (2019-04-09 08:32:15 +0200) > > are available in the Git repository at: > > git://git.launchpad.net/~juergh/+git/xenial-linux update-spectre-v1 > > for you to fetch changes up to 7b3e7388ac9296c2af6e025d1534ef4675d059aa: > > ALSA: seq: oss: Fix Spectre v1 vulnerability (2019-04-09 08:34:34 +0200) > > ---------------------------------------------------------------- > Breno Leitao (1): > powerpc/ptrace: Mitigate potential Spectre v1 > > Gustavo A. R. Silva (4): > hwmon: (nct6775) Fix potential Spectre v1 > ipmi: msghandler: Fix potential Spectre v1 vulnerabilities > ALSA: rawmidi: Fix potential Spectre v1 vulnerability > ALSA: seq: oss: Fix Spectre v1 vulnerability > > Jeremy Cline (2): > net: socket: Fix potential spectre v1 gadget in sock_is_registered > net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd() > > Jinbum Park (2): > pktcdvd: Fix possible Spectre-v1 for pkt_devs > mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom > > Johannes Berg (1): > cfg80211: prevent speculation on cfg80211_classify8021d() return > > Mark Rutland (2): > arm64: fix possible spectre-v1 in ptrace_hbp_get_event() > arm64: fix possible spectre-v1 write in ptrace_hbp_set_event() > > Martin Schwidefsky (1): > s390/keyboard: sanitize array index in do_kdsk_ioctl > > Masashi Honma (1): > nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT > > Mauro Carvalho Chehab (1): > media: dvb_ca_en50221: prevent using slot_info for Spectre attacs > > Peter Zijlstra (1): > sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[] > > Thomas Gleixner (1): > posix-timers: Protect posix clock array access against speculation > > arch/arm64/kernel/ptrace.c | 33 +++++++++++++++++++++------------ > arch/powerpc/kernel/ptrace.c | 8 +++++++- > drivers/block/pktcdvd.c | 3 +++ > drivers/char/ipmi/ipmi_msghandler.c | 6 ++++++ > drivers/hwmon/nct6775.c | 2 ++ > drivers/media/dvb-core/dvb_ca_en50221.c | 5 +++++ > drivers/net/wireless/mac80211_hwsim.c | 4 ++++ > drivers/s390/char/keyboard.c | 28 ++++++++++++++++------------ > kernel/sched/auto_group.c | 7 +++++-- > kernel/time/posix-timers.c | 11 ++++++++--- > net/core/sock_diag.c | 2 ++ > net/wireless/nl80211.c | 1 + > net/wireless/util.c | 33 +++++++++++++++++++++++---------- > sound/core/rawmidi.c | 2 ++ > sound/core/seq/oss/seq_oss_synth.c | 7 ++++--- > 15 files changed, 109 insertions(+), 43 deletions(-) > Acked-by: Stefan Bader <stefan.bader@canonical.com>
On 4/10/19 2:00 PM, Juerg Haefliger wrote: > This pull request contains fix(es) for the following CVE(s): > CVE-2017-5753 > > Pull in the latest Spectre v1 fixes from mainline. All commits are either > clean cherry-picks or simple backports (context adjustments only). > > The changes are fairly trivial and non-intrusive (low risk) in that they > sprinkle array_index_nospec() calls over different places where an array > index is user controllable. > > Compile-tested all supported architectures. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > --- > > The following changes since commit 4a18c9eb9b143743de8a54ffd31be81652d9ee93: > > Revert "module: Add retpoline tag to VERMAGIC" (2019-04-09 08:32:15 +0200) > > are available in the Git repository at: > > git://git.launchpad.net/~juergh/+git/xenial-linux update-spectre-v1 > > for you to fetch changes up to 7b3e7388ac9296c2af6e025d1534ef4675d059aa: > > ALSA: seq: oss: Fix Spectre v1 vulnerability (2019-04-09 08:34:34 +0200) > > ---------------------------------------------------------------- > Breno Leitao (1): > powerpc/ptrace: Mitigate potential Spectre v1 > > Gustavo A. R. Silva (4): > hwmon: (nct6775) Fix potential Spectre v1 > ipmi: msghandler: Fix potential Spectre v1 vulnerabilities > ALSA: rawmidi: Fix potential Spectre v1 vulnerability > ALSA: seq: oss: Fix Spectre v1 vulnerability > > Jeremy Cline (2): > net: socket: Fix potential spectre v1 gadget in sock_is_registered > net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd() > > Jinbum Park (2): > pktcdvd: Fix possible Spectre-v1 for pkt_devs > mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom > > Johannes Berg (1): > cfg80211: prevent speculation on cfg80211_classify8021d() return > > Mark Rutland (2): > arm64: fix possible spectre-v1 in ptrace_hbp_get_event() > arm64: fix possible spectre-v1 write in ptrace_hbp_set_event() > > Martin Schwidefsky (1): > s390/keyboard: sanitize array index in do_kdsk_ioctl > > Masashi Honma (1): > nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT > > Mauro Carvalho Chehab (1): > media: dvb_ca_en50221: prevent using slot_info for Spectre attacs > > Peter Zijlstra (1): > sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[] > > Thomas Gleixner (1): > posix-timers: Protect posix clock array access against speculation > > arch/arm64/kernel/ptrace.c | 33 +++++++++++++++++++++------------ > arch/powerpc/kernel/ptrace.c | 8 +++++++- > drivers/block/pktcdvd.c | 3 +++ > drivers/char/ipmi/ipmi_msghandler.c | 6 ++++++ > drivers/hwmon/nct6775.c | 2 ++ > drivers/media/dvb-core/dvb_ca_en50221.c | 5 +++++ > drivers/net/wireless/mac80211_hwsim.c | 4 ++++ > drivers/s390/char/keyboard.c | 28 ++++++++++++++++------------ > kernel/sched/auto_group.c | 7 +++++-- > kernel/time/posix-timers.c | 11 ++++++++--- > net/core/sock_diag.c | 2 ++ > net/wireless/nl80211.c | 1 + > net/wireless/util.c | 33 +++++++++++++++++++++++---------- > sound/core/rawmidi.c | 2 ++ > sound/core/seq/oss/seq_oss_synth.c | 7 ++++--- > 15 files changed, 109 insertions(+), 43 deletions(-) > Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
On 4/10/19 2:00 PM, Juerg Haefliger wrote: > This pull request contains fix(es) for the following CVE(s): > CVE-2017-5753 > > Pull in the latest Spectre v1 fixes from mainline. All commits are either > clean cherry-picks or simple backports (context adjustments only). > > The changes are fairly trivial and non-intrusive (low risk) in that they > sprinkle array_index_nospec() calls over different places where an array > index is user controllable. > > Compile-tested all supported architectures. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > --- > > The following changes since commit 4a18c9eb9b143743de8a54ffd31be81652d9ee93: > > Revert "module: Add retpoline tag to VERMAGIC" (2019-04-09 08:32:15 +0200) > > are available in the Git repository at: > > git://git.launchpad.net/~juergh/+git/xenial-linux update-spectre-v1 > > for you to fetch changes up to 7b3e7388ac9296c2af6e025d1534ef4675d059aa: > > ALSA: seq: oss: Fix Spectre v1 vulnerability (2019-04-09 08:34:34 +0200) > > ---------------------------------------------------------------- > Breno Leitao (1): > powerpc/ptrace: Mitigate potential Spectre v1 > > Gustavo A. R. Silva (4): > hwmon: (nct6775) Fix potential Spectre v1 > ipmi: msghandler: Fix potential Spectre v1 vulnerabilities > ALSA: rawmidi: Fix potential Spectre v1 vulnerability > ALSA: seq: oss: Fix Spectre v1 vulnerability > > Jeremy Cline (2): > net: socket: Fix potential spectre v1 gadget in sock_is_registered > net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd() > > Jinbum Park (2): > pktcdvd: Fix possible Spectre-v1 for pkt_devs > mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom > > Johannes Berg (1): > cfg80211: prevent speculation on cfg80211_classify8021d() return > > Mark Rutland (2): > arm64: fix possible spectre-v1 in ptrace_hbp_get_event() > arm64: fix possible spectre-v1 write in ptrace_hbp_set_event() > > Martin Schwidefsky (1): > s390/keyboard: sanitize array index in do_kdsk_ioctl > > Masashi Honma (1): > nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT > > Mauro Carvalho Chehab (1): > media: dvb_ca_en50221: prevent using slot_info for Spectre attacs > > Peter Zijlstra (1): > sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[] > > Thomas Gleixner (1): > posix-timers: Protect posix clock array access against speculation > > arch/arm64/kernel/ptrace.c | 33 +++++++++++++++++++++------------ > arch/powerpc/kernel/ptrace.c | 8 +++++++- > drivers/block/pktcdvd.c | 3 +++ > drivers/char/ipmi/ipmi_msghandler.c | 6 ++++++ > drivers/hwmon/nct6775.c | 2 ++ > drivers/media/dvb-core/dvb_ca_en50221.c | 5 +++++ > drivers/net/wireless/mac80211_hwsim.c | 4 ++++ > drivers/s390/char/keyboard.c | 28 ++++++++++++++++------------ > kernel/sched/auto_group.c | 7 +++++-- > kernel/time/posix-timers.c | 11 ++++++++--- > net/core/sock_diag.c | 2 ++ > net/wireless/nl80211.c | 1 + > net/wireless/util.c | 33 +++++++++++++++++++++++---------- > sound/core/rawmidi.c | 2 ++ > sound/core/seq/oss/seq_oss_synth.c | 7 ++++--- > 15 files changed, 109 insertions(+), 43 deletions(-) > Applied to xenial/master-next branch. Thanks, Kleber
This pull request contains fix(es) for the following CVE(s): CVE-2017-5753 Pull in the latest Spectre v1 fixes from mainline. All commits are either clean cherry-picks or simple backports (context adjustments only). The changes are fairly trivial and non-intrusive (low risk) in that they sprinkle array_index_nospec() calls over different places where an array index is user controllable. Compile-tested all supported architectures. Signed-off-by: Juerg Haefliger <juergh@canonical.com> --- The following changes since commit 4a18c9eb9b143743de8a54ffd31be81652d9ee93: Revert "module: Add retpoline tag to VERMAGIC" (2019-04-09 08:32:15 +0200) are available in the Git repository at: git://git.launchpad.net/~juergh/+git/xenial-linux update-spectre-v1 for you to fetch changes up to 7b3e7388ac9296c2af6e025d1534ef4675d059aa: ALSA: seq: oss: Fix Spectre v1 vulnerability (2019-04-09 08:34:34 +0200) ---------------------------------------------------------------- Breno Leitao (1): powerpc/ptrace: Mitigate potential Spectre v1 Gustavo A. R. Silva (4): hwmon: (nct6775) Fix potential Spectre v1 ipmi: msghandler: Fix potential Spectre v1 vulnerabilities ALSA: rawmidi: Fix potential Spectre v1 vulnerability ALSA: seq: oss: Fix Spectre v1 vulnerability Jeremy Cline (2): net: socket: Fix potential spectre v1 gadget in sock_is_registered net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd() Jinbum Park (2): pktcdvd: Fix possible Spectre-v1 for pkt_devs mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom Johannes Berg (1): cfg80211: prevent speculation on cfg80211_classify8021d() return Mark Rutland (2): arm64: fix possible spectre-v1 in ptrace_hbp_get_event() arm64: fix possible spectre-v1 write in ptrace_hbp_set_event() Martin Schwidefsky (1): s390/keyboard: sanitize array index in do_kdsk_ioctl Masashi Honma (1): nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT Mauro Carvalho Chehab (1): media: dvb_ca_en50221: prevent using slot_info for Spectre attacs Peter Zijlstra (1): sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[] Thomas Gleixner (1): posix-timers: Protect posix clock array access against speculation arch/arm64/kernel/ptrace.c | 33 +++++++++++++++++++++------------ arch/powerpc/kernel/ptrace.c | 8 +++++++- drivers/block/pktcdvd.c | 3 +++ drivers/char/ipmi/ipmi_msghandler.c | 6 ++++++ drivers/hwmon/nct6775.c | 2 ++ drivers/media/dvb-core/dvb_ca_en50221.c | 5 +++++ drivers/net/wireless/mac80211_hwsim.c | 4 ++++ drivers/s390/char/keyboard.c | 28 ++++++++++++++++------------ kernel/sched/auto_group.c | 7 +++++-- kernel/time/posix-timers.c | 11 ++++++++--- net/core/sock_diag.c | 2 ++ net/wireless/nl80211.c | 1 + net/wireless/util.c | 33 +++++++++++++++++++++++---------- sound/core/rawmidi.c | 2 ++ sound/core/seq/oss/seq_oss_synth.c | 7 ++++--- 15 files changed, 109 insertions(+), 43 deletions(-)