Go to file
Gustavo A. R. Silva 0e714d2778 vfio/pci: Fix potential Spectre v1
info.index can be indirectly controlled by user-space, hence leading
to a potential exploitation of the Spectre variant 1 vulnerability.

This issue was detected with the help of Smatch:

drivers/vfio/pci/vfio_pci.c:734 vfio_pci_ioctl()
warn: potential spectre issue 'vdev->region'

Fix this by sanitizing info.index before indirectly using it to index
vdev->region

Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].

[1] https://marc.info/?l=linux-kernel&m=152449131114778&w=2

Cc: stable@vger.kernel.org
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2018-07-18 12:57:25 -06:00
arch ARM: SoC fixes for 4.18-rc 2018-07-15 09:49:21 -07:00
block for-linus-20180713 2018-07-14 12:28:00 -07:00
certs certs/blacklist: fix const confusion 2018-06-26 09:43:03 -07:00
crypto Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL 2018-06-28 10:40:47 -07:00
Documentation Kbuild fixes for v4.18 (2nd) 2018-07-13 12:15:12 -07:00
drivers vfio/pci: Fix potential Spectre v1 2018-07-18 12:57:25 -06:00
firmware kbuild: remove all dummy assignments to obj- 2017-11-18 11:46:06 +09:00
fs reiserfs: fix buffer overflow with long warning messages 2018-07-14 11:11:10 -07:00
include mm: allow arch to supply p??_free_tlb functions 2018-07-14 11:11:09 -07:00
init Kbuild fixes for v4.18 2018-06-30 13:05:30 -07:00
ipc ipc: use new return type vm_fault_t 2018-06-15 07:55:25 +09:00
kernel Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-07-13 13:36:36 -07:00
lib Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-07-02 11:18:28 -07:00
LICENSES LICENSES: Add Linux-OpenIB license text 2018-04-27 16:41:53 -06:00
mm Merge branch 'akpm' (patches from Andrew) 2018-07-14 11:14:33 -07:00
net net/9p/client.c: put refcount of trans_mod in error case in parse_opts() 2018-07-14 11:11:09 -07:00
samples sample: vfio-mdev: avoid deadlock in mdev_access() 2018-07-11 13:22:41 -06:00
scripts checkpatch: fix duplicate invalid vsprintf pointer extension '%p<foo>' messages 2018-07-14 11:11:10 -07:00
security selinux/stable-4.18 PR 20180629 2018-06-30 11:15:12 -07:00
sound ALSA: hda/ca0132: Update a pci quirk device name 2018-07-12 09:18:31 +02:00
tools Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-07-13 13:33:09 -07:00
usr kbuild: rename built-in.o to built-in.a 2018-03-26 02:01:19 +09:00
virt KVM: arm64: Prevent KVM_COMPAT from being selected 2018-06-21 17:17:50 +01:00
.clang-format clang-format: add configuration file 2018-04-11 10:28:35 -07:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore Add hch to .get_maintainer.ignore 2015-08-21 14:30:10 -07:00
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore Kbuild updates for v4.17 (2nd) 2018-04-15 17:21:30 -07:00
.mailmap Merge branch 'asoc-4.17' into asoc-4.18 for compress dependencies 2018-04-26 12:24:28 +01:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS MAINTAINERS/CREDITS: Drop METAG ARCHITECTURE 2018-03-05 16:34:24 +00:00
Kbuild Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
Kconfig kconfig: add basic helper macros to scripts/Kconfig.include 2018-05-29 03:31:19 +09:00
MAINTAINERS Char/Misc fixes for 4.18-rc5 2018-07-11 10:10:50 -07:00
Makefile Linux 4.18-rc5 2018-07-15 12:49:31 -07:00
README Docs: Added a pointer to the formatted docs to README 2018-03-21 09:02:53 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.