Date: Wed, 29 May 2019 17:04:45 -0700
From: Matthew Wilcox
To: Alexey Dobriyan
Cc: dianzhangchen0@gmail.com, linux-kernel@vger.kernel.org, mhocko@kernel.org
Subject: Re: [PATCH] mm/slab_common.c: fix possible spectre-v1 in kmalloc_slab()
Message-ID: <20190530000445.GB23461@bombadil.infradead.org>
References: <20190529203106.GA26268@avx2>
In-Reply-To: <20190529203106.GA26268@avx2>

On Wed, May 29, 2019 at 11:31:06PM +0300, Alexey Dobriyan wrote:
> > I think it makes more sense to sanitize size in size_index_elem(),
> > don't you?
>
> > - return (bytes - 1) / 8;
> > + return array_index_nospec((bytes - 1) / 8, ARRAY_SIZE(size_index));
>
> I think it should be fixed in poll.
> Literally every small variable kmalloc call is going through this function.

We could do that too, but don't we then have to audit every ioctl and
similar to see if there's a k(v)malloc based on a size passed from userspace?
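
Review bot: on the quoted `+` line in size_index_elem(), array_index_nospec() only clamps the index under speculation and is not itself a bounds check, so the change depends on the caller having already rejected any size whose (bytes - 1) / 8 falls outside size_index. A one-line comment on the return naming that caller-side check would make the pairing explicit and keep the ARRAY_SIZE(size_index) bound from drifting away from it. The hunk as quoted also shows no include of <linux/nospec.h>, which the macro needs, so that is worth confirming in the full patch.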