Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753643AbeAFPOX (ORCPT + 1 other); Sat, 6 Jan 2018 10:14:23 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:50880 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753520AbeAFPOW (ORCPT ); Sat, 6 Jan 2018 10:14:22 -0500 Date: Sat, 6 Jan 2018 16:14:24 +0100 From: Greg KH To: Alan Cox Cc: Dan Williams , linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Hideaki YOSHIFUJI , netdev@vger.kernel.org, peterz@infradead.org, Alexey Kuznetsov , tglx@linutronix.de, torvalds@linux-foundation.org, "David S. Miller" , Elena Reshetova , alan@linux.intel.com Subject: Re: [PATCH 14/18] ipv4: prevent bounds-check bypass via speculative execution Message-ID: <20180106151424.GA17924@kroah.com> References: <151520099201.32271.4677179499894422956.stgit@dwillia2-desk3.amr.corp.intel.com> <151520107001.32271.12149241186695668220.stgit@dwillia2-desk3.amr.corp.intel.com> <20180106090154.GE4380@kroah.com> <20180106122347.7a5c8ee6@alans-desktop> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180106122347.7a5c8ee6@alans-desktop> User-Agent: Mutt/1.9.2 (2017-12-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Sat, Jan 06, 2018 at 12:23:47PM +0000, Alan Cox wrote: > On Sat, 6 Jan 2018 10:01:54 +0100 > Greg KH wrote: > > > On Fri, Jan 05, 2018 at 05:11:10PM -0800, Dan Williams wrote: > > > Static analysis reports that 'offset' may be a user controlled value > > > > Can I see the rule that determined that? It does not feel like that is > > correct, given the 3+ levels deep that this function gets this value > > from... > > On a current x86 you can execute something upwards of 150 instructions in > a speculation window. Yeah, I agree, it's deep :( But for this patch, I thought the prior review determined that it was not a problem. Was that somehow proven incorrect? thanks, greg k-h