Received: by 2002:a05:7412:8521:b0:e2:908c:2ebd with SMTP id t33csp202524rdf; Thu, 2 Nov 2023 19:32:16 -0700 (PDT) X-Google-Smtp-Source: AGHT+IH3KoSX20UEWmakItqwdDrbf0O30C6Ot4FE3BASVr8KiodgYTFpwKP1DKrIvP6L8/azCjvl X-Received: by 2002:a17:902:f687:b0:1cc:4a23:c5fc with SMTP id l7-20020a170902f68700b001cc4a23c5fcmr14645383plg.2.1698978736266; Thu, 02 Nov 2023 19:32:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1698978736; cv=none; d=google.com; s=arc-20160816; b=UkcvazA3n/chWdF04DR8VXcuVUZGYxhhlX3BD2HJu7jDuKy96Tz9Duyloqx4A/8JGM 1p0UgYqYu8dectxxn7rkjcorlgD+BSrfsmX6oUCZR5KY/H8Y1cyG5t7Dhg9vysA577oi Ut0zAvAwoPdC9UsOUimiHCoLreH1nFoOGb2JAAvdCS9pW5wlIZVOUgLhaFX0riHKunMu 2Rbm+iiwAyzMJBVQqDMYP8YzInIqynnZj9gZAOpiQM5yGGJ69cuT6c/M7msJT6FaBSyV QQfHIF75Od5BHbO5ndAQSFxk39iBG1IXrBUoxKkMxOMmVPW9PfdnniXtMsisg7o+L5u/ aaIw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:subject:user-agent:mime-version:date:message-id; bh=puHvbEukB03pD0rtDLKG6LAj8nFdTxKMEWXWup6aUMA=; fh=qNNv4ph/BX8yBg6IjidoK0AegCtbO/Y+FX0395Wtd2o=; b=tIM2VzKIDiB49CR4wvkwPaFIPeeOBv/J0KYctSFgQpDl0F04vqaWXSZFM/WWVAh5Wq xt1JesIyUcTOsVtSvZyODRaWx5h6FNa8Axr/huZ8NqJndGmtGXOijwhDA4x4DvpqO5ej tJFIDDrwpfEbHXczznQ6rcfEPF7qCA+dVIJuZ5CMw23VlezN1odAim7M7q1pHjnS5WPX TW5/pjWWmqNLeuENVwrGm8kSPXMXgD33AjTYqUEVe9SaXagaJ39ArRIZOYbVSsKa8Jv1 Igl6BYk8wOcHdV3cxxmckh3UqIYU7g7fvvoZimMx2vQvM+UeumvdituDeWGRLk+snXNK nPuw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from fry.vger.email (fry.vger.email. [2620:137:e000::3:8]) by mx.google.com with ESMTPS id v13-20020a170902f0cd00b001b674055d72si622468pla.621.2023.11.02.19.32.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 Nov 2023 19:32:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) client-ip=2620:137:e000::3:8; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id D4533829F1D7; Thu, 2 Nov 2023 19:32:13 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234692AbjKCCcF (ORCPT + 99 others); Thu, 2 Nov 2023 22:32:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46504 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234115AbjKCCcE (ORCPT ); Thu, 2 Nov 2023 22:32:04 -0400 Received: from mailgw.kylinos.cn (mailgw.kylinos.cn [124.126.103.232]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E41A9125 for ; Thu, 2 Nov 2023 19:31:59 -0700 (PDT) X-UUID: 2a7ddf9ad16b4c9eb7720d5cde1990ae-20231103 X-CID-O-RULE: Release_Ham X-CID-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.32,REQID:0b01e04e-72d4-4eac-9ac1-23a9e2c0b857,IP:10, URL:0,TC:0,Content:0,EDM:0,RT:0,SF:-15,FILE:0,BULK:0,RULE:Release_Ham,ACTI ON:release,TS:-5 X-CID-INFO: VERSION:1.1.32,REQID:0b01e04e-72d4-4eac-9ac1-23a9e2c0b857,IP:10,UR L:0,TC:0,Content:0,EDM:0,RT:0,SF:-15,FILE:0,BULK:0,RULE:Release_Ham,ACTION :release,TS:-5 X-CID-META: VersionHash:5f78ec9,CLOUDID:a3e018fc-4a48-46e2-b946-12f04f20af8c,B ulkID:231102193258W1UEKU65,BulkQuantity:6,Recheck:0,SF:44|64|66|38|24|17|1 9|102,TC:nil,Content:0,EDM:-3,IP:-2,URL:0,File:nil,Bulk:40,QS:nil,BEC:nil, COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR:NO,DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0 X-CID-BAS: 0,_,0,_ X-CID-FACTOR: TF_CID_SPAM_FAS,TF_CID_SPAM_FSD,TF_CID_SPAM_FSI,TF_CID_SPAM_SNR X-UUID: 2a7ddf9ad16b4c9eb7720d5cde1990ae-20231103 X-User: chentao@kylinos.cn Received: from [172.21.13.26] [(116.128.244.171)] by mailgw (envelope-from ) (Generic MTA) with ESMTP id 219426355; Fri, 03 Nov 2023 10:31:51 +0800 Message-ID: <4ca799cb-25d1-4b2a-9555-08fd6d8eaf66@kylinos.cn> Date: Fri, 3 Nov 2023 10:31:49 +0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] drm/i915: Fix potential spectre vulnerability To: Tvrtko Ursulin , jani.nikula@linux.intel.com, joonas.lahtinen@linux.intel.com, rodrigo.vivi@intel.com, airlied@gmail.com, daniel@ffwll.ch, andi.shyti@linux.intel.com, robdclark@chromium.org, jonathan.cavitt@intel.com, andrzej.hajda@intel.com, chris.p.wilson@intel.com, alan.previn.teres.alexis@intel.com Cc: intel-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org, kunwu.chan@hotmail.com References: <20231102101642.52988-1-chentao@kylinos.cn> From: Kunwu Chan In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Thu, 02 Nov 2023 19:32:14 -0700 (PDT) Hi Tvrtko, Thank you very much for your kind suggestion, I have modified it in accordance with your suggestion. On 2023/11/2 19:32, Tvrtko Ursulin wrote: > > On 02/11/2023 10:16, chentao wrote: >> Fix smatch warning: >> drivers/gpu/drm/i915/gem/i915_gem_context.c:847 set_proto_ctx_sseu() >> warn: potential spectre issue 'pc->user_engines' [r] (local cap) >> >> Signed-off-by: chentao > > I don't know if this is actually exploitable given the time deltas > between the index is read from userspace and acted upon here, which is > at least two ioctls apart. But I suppose no harm in fixing and for > safety so we need to add: > > Fixes: d4433c7600f7 ("drm/i915/gem: Use the proto-context to handle > create parameters (v5)") > Cc: # v5.15+ > >> --- >>   drivers/gpu/drm/i915/gem/i915_gem_context.c | 2 +- >>   1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context.c >> b/drivers/gpu/drm/i915/gem/i915_gem_context.c >> index 9a9ff84c90d7..b2fdfc7ca4de 100644 >> --- a/drivers/gpu/drm/i915/gem/i915_gem_context.c >> +++ b/drivers/gpu/drm/i915/gem/i915_gem_context.c >> @@ -843,7 +843,7 @@ static int set_proto_ctx_sseu(struct >> drm_i915_file_private *fpriv, >>           if (idx >= pc->num_user_engines) >>               return -EINVAL; >> - > > Just please refrain from random whitespace modifications like this blank > line removal. If you resend without that you can add my r-b. > > Regards, > > Tvrtko > >> +        idx = array_index_nospec(idx, pc->num_user_engines); >>           pe = &pc->user_engines[idx]; >>           /* Only render engine supports RPCS configuration. */