android_kernel_oneplus_msm8998/arch/x86
Dianzhang Chen 85707634a0 x86/tls: Fix possible spectre-v1 in do_get_thread_area()
commit 993773d11d45c90cb1c6481c2638c3d9f092ea5b upstream.

The index to access the thread's tls array is controlled by userspace
via syscall: sys_ptrace(), hence leading to a potential exploitation
of the Spectre variant 1 vulnerability.

The index can be controlled from:
        ptrace -> arch_ptrace -> do_get_thread_area.

Fix this by sanitizing the user-supplied index before using it to access
the p->thread.tls_array.

Signed-off-by: Dianzhang Chen <dianzhangchen0@gmail.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: bp@alien8.de
Cc: hpa@zytor.com
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/1561524630-3642-1-git-send-email-dianzhangchen0@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-07-21 09:07:09 +02:00
boot x86/build: Specify elf_i386 linker emulation explicitly for i386 objects 2019-04-27 09:33:53 +02:00
configs
crypto crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() 2019-06-11 12:23:35 +02:00
entry x86/speculation/mds: Clear CPU buffers on exit to user 2019-05-16 19:45:14 +02:00
ia32 x86/ia32: Fix ia32_restore_sigcontext() AC leak 2019-06-11 12:24:03 +02:00
include x86/speculation/mds: Add mitigation mode VMWERV 2019-05-16 19:45:14 +02:00
kernel x86/tls: Fix possible spectre-v1 in do_get_thread_area() 2019-07-21 09:07:09 +02:00
kvm KVM: x86: degrade WARN to pr_warn_ratelimited 2019-07-10 09:56:44 +02:00
lguest
lib x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec 2018-12-17 21:55:14 +01:00
math-emu
mm x86/mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault() 2019-06-11 12:23:56 +02:00
net
oprofile x86/cpufeature: Carve out X86_FEATURE_* 2018-07-17 11:31:44 +02:00
pci x86/PCI: Fix PCI IRQ routing table memory leak 2019-06-22 08:18:20 +02:00
platform Revert "x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls" 2019-03-23 08:44:28 +01:00
power x86/power: Fix swsusp_arch_resume prototype 2018-05-30 07:48:55 +02:00
purgatory
ras
realmode x86/build: Specify elf_i386 linker emulation explicitly for i386 objects 2019-04-27 09:33:53 +02:00
tools
um um: Compile with modern headers 2019-07-10 09:56:39 +02:00
video
xen xen: fix xen_qlock_wait() 2018-11-21 09:27:36 +01:00
.gitignore
Kbuild
Kconfig x86/Kconfig: Select SCHED_SMT if SMP enabled 2019-05-16 19:45:11 +02:00
Kconfig.cpu
Kconfig.debug x86/cpufeature: Replace the old static_cpu_has() with safe variant 2018-07-17 11:31:44 +02:00
Makefile x86/build: Keep local relocations with ld.lld 2019-06-11 12:24:01 +02:00
Makefile.um
Makefile_32.cpu