ALSA: rawmidi: Fix potential Spectre v1 vulnerability - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Gustavo A. R. Silva <[email protected]>	2019-03-20 16:15:24 -0500
committer	Takashi Iwai <[email protected]>	2019-03-21 13:21:15 +0100
commit	2b1d9c8f87235f593826b9cf46ec10247741fff9 (patch)
tree	c592769a24939ce800b7038fa4faba8908679506 /tools/perf/scripts/python/export-to-postgresql.py
parent	667a8f73753908c4d0171e52b71774f9be5d6713 (diff)

ALSA: rawmidi: Fix potential Spectre v1 vulnerability

info->stream is indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre variant 1 vulnerability. This issue was detected with the help of Smatch: sound/core/rawmidi.c:604 __snd_rawmidi_info_select() warn: potential spectre issue 'rmidi->streams' [r] (local cap) Fix this by sanitizing info->stream before using it to index rmidi->streams. Notice that given that speculation windows are large, the policy is to kill the speculation on the first load and not worry if it can be completed with a dependent load/store [1]. [1] https://lore.kernel.org/lkml/[email protected]/ Cc: [email protected] Signed-off-by: Gustavo A. R. Silva <[email protected]> Signed-off-by: Takashi Iwai <[email protected]>

Diffstat (limited to 'tools/perf/scripts/python/export-to-postgresql.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: