Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2046965imm; Sat, 28 Jul 2018 08:09:34 -0700 (PDT) X-Google-Smtp-Source: AAOMgpeMApdcj7WwgwVsj7vzK38RhhC+IunphI7qYre/sSR+8H9Go3t2wgXaTgJCsZTRrbARURcm X-Received: by 2002:a62:8d84:: with SMTP id p4-v6mr11187338pfk.251.1532790574939; Sat, 28 Jul 2018 08:09:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1532790574; cv=none; d=google.com; s=arc-20160816; b=w9eKIeyXg6Kd+mRbD4IwVF1M/oFeBg+42hpB3WkvV4yY1/9YxcOzDOuIu0zK92LcpN QAOk/i3PnO1CKf9/k/4DMIKNa2vUE/pn1f0ymEb4UuwwyKUiVlQE5fxFJPwqFGNuVxlm 9ipj2BImHEPqTvePdjezzI2ddqWdSk7WNl4g4/HyarB3p7XA1vg+3YxmcKrxY0yrA/Nz yMncY/NLLP+oqXFPBPZV8cxZXFjR2QYyvPtPMaX3Hug5alJOX145AD+ZEgackacGUqCD 1YxBsgbWn3gTeGFxPxMRaT0kdFF0vsnOnnGgF004S+wkMT4vrJ3rHKryPbtsEGjeic8E gqFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=IYDsDiyUxKT1eRA/kMcg5xySV4FIKMlZUm0UsfRK9NM=; b=y56GpQQvY0RC0HPYzbYYMk6fpJbqOKP1vODxCtPcMTgy6ZJSP0XCrsGb93OxN9DYd0 n35RTC7ANlSUTzlf2sMx+pkfqEEWzE3yxYldsSWl/GFOEFQnVFjPcz/hOLcZbbYfkhHi y7DSTr5ZK4epK0OraKVJEieJkGNXURBObYUCNiAJXxRZGXzsj7bQ+gpJHf/Xe//V76c/ YZdnmCtyJtQ6Vt/cQPo27e6/8NQB5F8cMOUj8MNoifn20vrdmqIDbKBbbkvlBnfZXEUr Wnohn63aG73rAJJAGbBGZ3GaU9EQ7MoyE31SsHmmqvQH+wbAb4pVM4GE44rrkagyk4NZ 84pg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel-dk.20150623.gappssmtp.com header.s=20150623 header.b="aHH/Oqe2"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m70-v6si7455475pfa.45.2018.07.28.08.09.20; Sat, 28 Jul 2018 08:09:34 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel-dk.20150623.gappssmtp.com header.s=20150623 header.b="aHH/Oqe2"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729093AbeG1QfW (ORCPT + 99 others); Sat, 28 Jul 2018 12:35:22 -0400 Received: from mail-it0-f54.google.com ([209.85.214.54]:53317 "EHLO mail-it0-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729016AbeG1QfW (ORCPT ); Sat, 28 Jul 2018 12:35:22 -0400 Received: by mail-it0-f54.google.com with SMTP id 72-v6so11659848itw.3 for ; Sat, 28 Jul 2018 08:08:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel-dk.20150623.gappssmtp.com; s=20150623; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=IYDsDiyUxKT1eRA/kMcg5xySV4FIKMlZUm0UsfRK9NM=; b=aHH/Oqe2rTqNhKYSJsowtLPxB5w4W1BUjO9Xw3KFB2W6XLYEv0+eLCSHA4D6aFkjaE /riCNfk0MJmAM5HVb8Ne3k6D59t817CCHo5ftnQI7S7ctAT7rWuonhR6swdH8Qdlk4RB V6gTI8YBWyhEZoSkpiJFT6YZYl2GEqUnqs0PRo5PB8HKYEqaesq5++Zxxe0hk+pWgDxM rPWNplvJUwEE8b1n2DRf297459+HuupQ8pbW3Rz8P0qHpnUYZpkV/OhWt49XoipK+Cq2 FjPunTQVn34jBAkpgrvPBMoBHCQdRCvyFGw2g4zBxvnLfoh4te02z/y1I/xlpKGEVdgH 4//g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=IYDsDiyUxKT1eRA/kMcg5xySV4FIKMlZUm0UsfRK9NM=; b=OTMnY+DMQLNA78TkPjlJAWQnSZfrV+YpAGlypBVIEtURKK52+rAshVUEfgEi78XulH yWcbf8Ul4ddufRTlIR0i7wod2jZT6UwsM25EjC//PbR6ZkDop6T3ch//xwOLl5/RBBpk kGuxfa3u6Q7s5pSIgpESMDLbqTWtau2P3NpVM1iwhVMo97JGs2rg/uCc/Pyt+M7xTUTW qSZ4hYvdg9nvMZ3S5vNvfpkol4CR1wf+4qPgwCbB6IgbAV8U6qBxacilgYOQkaQXC5Vn l5ChvBVGUgFWF0fGixz9OezVhqMTv+kOKyxTi36QtycUByepH7DmfnfU47OSPuKxWiA9 xnnQ== X-Gm-Message-State: AOUpUlE2tq88knCxbThwboa8lGSJvt+vhDc98pk8jkZ8J58hh8nmCTDb SnUdxT7oDOjF4eGsSZ6G/IYTGeXfAf4= X-Received: by 2002:a24:5ac7:: with SMTP id v190-v6mr9694234ita.102.1532790512610; Sat, 28 Jul 2018 08:08:32 -0700 (PDT) Received: from [192.168.1.212] (107.191.0.158.static.utbb.net. [107.191.0.158]) by smtp.gmail.com with ESMTPSA id i13-v6sm2163137iog.31.2018.07.28.08.08.29 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 28 Jul 2018 08:08:31 -0700 (PDT) Subject: Re: [PATCH v3] pktcdvd: Fix possible Spectre-v1 for pkt_devs To: Jinbum Park , bart.vanassche@wdc.com, jiufei.xue@linux.alibaba.com, gustavo@embeddedor.com Cc: linux-block@vger.kernel.org, linux-kernel@vger.kernel.org References: <20180728042044.GA3571@pjb1027-Latitude-E5410> From: Jens Axboe Message-ID: Date: Sat, 28 Jul 2018 09:08:28 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.0 MIME-Version: 1.0 In-Reply-To: <20180728042044.GA3571@pjb1027-Latitude-E5410> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 7/27/18 10:20 PM, Jinbum Park wrote: > User controls @dev_minor which to be used as index of pkt_devs. > So, It can be exploited via Spectre-like attack. (speculative execution) > > This kind of attack leaks address of pkt_devs, [1] > It leads an attacker to bypass security mechanism such as KASLR. > > So sanitize @dev_minor before using it to prevent attack. > > [1] https://github.com/jinb-park/linux-exploit/ > tree/master/exploit-remaining-spectre-gadget/leak_pkt_devs.c Applied for 4.19, thanks. -- Jens Axboe