diff options
| author | Gustavo A. R. Silva <gustavo@embeddedor.com> | 2019-03-20 18:42:01 -0500 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2019-04-03 06:23:26 +0200 |
| commit | f98242a8debb8dd9fbbabc3ae1fc80c316cf8945 (patch) | |
| tree | c3fddc3a1ea5288f94bbddb80146fe306ff597a7 /tools/perf/scripts/python/call-graph-from-postgresql.py | |
| parent | 619ae9f179dea5cae3a297ca3f06071fe2068c8a (diff) | |
ALSA: seq: oss: Fix Spectre v1 vulnerability
commit c709f14f0616482b67f9fbcb965e1493a03ff30b upstream.
dev is indirectly controlled by user-space, hence leading to
a potential exploitation of the Spectre variant 1 vulnerability.
This issue was detected with the help of Smatch:
sound/core/seq/oss/seq_oss_synth.c:626 snd_seq_oss_synth_make_info() warn: potential spectre issue 'dp->synths' [w] (local cap)
Fix this by sanitizing dev before using it to index dp->synths.
Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].
[1] https://lore.kernel.org/lkml/20180423164740.GY17484@dhcp22.suse.cz/
Cc: stable@vger.kernel.org
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'tools/perf/scripts/python/call-graph-from-postgresql.py')
0 files changed, 0 insertions, 0 deletions