Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1132382imm; Wed, 1 Aug 2018 10:43:08 -0700 (PDT) X-Google-Smtp-Source: AAOMgpeRCYdkjyWvAV273znhsIbpU0Z3s/0/3XoQHH6R+QCsOPS1eDlNmBsVilyAcTHP6ogEW2DD X-Received: by 2002:a17:902:b205:: with SMTP id t5-v6mr25156550plr.220.1533145388660; Wed, 01 Aug 2018 10:43:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1533145388; cv=none; d=google.com; s=arc-20160816; b=eJUmKspfQ5yVn7pvTQVqKv1r+laiM20KZvnF1nXMdJLev5UXfTz7SluX/3wI57j+rs xQqE9TtJwIIgD4kYmFd4jjCRQxXchfrn3wFa2L7farVTG+1yMSU1y/wsN8XjscsJwzeg sX/UF4bsG98hlUzI6o9/Fw0p/gVLyY7E9IZm320x0+2Z6m/qYvRIZcebnOkFjvZk9XiX iF0VhpcTiZpVAr92OUjZgggw3eyuLgEdD0/RJbiiKdZgcwgZ25fBa/D84DOB2/laeyj6 RmYDQKwXRPoEXBEcCLQLc8Aga1b+L1U5sK03CTuTrsBR/xwPK6zKYgS6WbFDpSI36Q2S Ax2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:from:subject:cc:to:message-id:date :arc-authentication-results; bh=30o91+T8Mcy/89YmAIrqcM/FugxW/3MHjlxHiVWiFiM=; b=oFI78ah6+oeFhBeYdhU0LB9xlmzLdL6QCRm0glKsBNMkYSuF/nY5EgzTLG1UA4KP37 lyvXp/u4IhXlI+Rt6R+zFh8IVVRANpSf2ZB+2NDGBrwtBhT1eEQVqTBJVnCSQRn6/k4N ByHuN1E+uFwpsMzyCx+wj9KL8huLt/+7yI8oC0HdnbivyZGx7nbHt+mcOpJ/AmOCcoMb iTRbBYPZimjudgG0H2qhfPK6YZ/2TSpGSox+3ribQIdIJazx6+m0ZoR8HSlN6ZDR7yxA IXszpVPyACbjPW6OWEXghAoUT5VQB97FC9kLuoI0PKYMnQs8UUibIMCfGRHjJCIDiRAs ZB1Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a2-v6si16881338pgh.396.2018.08.01.10.42.54; Wed, 01 Aug 2018 10:43:08 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2407760AbeHATRM (ORCPT + 99 others); Wed, 1 Aug 2018 15:17:12 -0400 Received: from shards.monkeyblade.net ([23.128.96.9]:49888 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2406684AbeHATRL (ORCPT ); Wed, 1 Aug 2018 15:17:11 -0400 Received: from localhost (c-24-20-22-31.hsd1.or.comcast.net [24.20.22.31]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: davem-davemloft) by shards.monkeyblade.net (Postfix) with ESMTPSA id 2DA98100A39AC; Wed, 1 Aug 2018 09:51:36 -0700 (PDT) Date: Wed, 01 Aug 2018 09:51:35 -0700 (PDT) Message-Id: <20180801.095135.79911181296177212.davem@davemloft.net> To: jcline@redhat.com Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, jpoimboe@redhat.com Subject: Re: [PATCH] netlink: Fix spectre v1 gadget in netlink_create() From: David Miller In-Reply-To: <20180731211316.12971-1-jcline@redhat.com> References: <20180731211316.12971-1-jcline@redhat.com> X-Mailer: Mew version 6.7 on Emacs 26 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Wed, 01 Aug 2018 09:51:36 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Jeremy Cline Date: Tue, 31 Jul 2018 21:13:16 +0000 > 'protocol' is a user-controlled value, so sanitize it after the bounds > check to avoid using it for speculative out-of-bounds access to arrays > indexed by it. > > This addresses the following accesses detected with the help of smatch: > > * net/netlink/af_netlink.c:654 __netlink_create() warn: potential > spectre issue 'nlk_cb_mutex_keys' [w] > > * net/netlink/af_netlink.c:654 __netlink_create() warn: potential > spectre issue 'nlk_cb_mutex_key_strings' [w] > > * net/netlink/af_netlink.c:685 netlink_create() warn: potential spectre > issue 'nl_table' [w] (local cap) > > Cc: Josh Poimboeuf > Signed-off-by: Jeremy Cline Applied and queued up for -stable, thanks.