linux/arch
Will Deacon 6e693b3ffe x86: uaccess: Inhibit speculation past access_ok() in user_access_begin()
Commit 594cc251fd ("make 'user_access_begin()' do 'access_ok()'")
makes the access_ok() check part of the user_access_begin() preceding a
series of 'unsafe' accesses.  This has the desirable effect of ensuring
that all 'unsafe' accesses have been range-checked, without having to
pick through all of the callsites to verify whether the appropriate
checking has been made.

However, the consolidated range check does not inhibit speculation, so
it is still up to the caller to ensure that they are not susceptible to
any speculative side-channel attacks for user addresses that ultimately
fail the access_ok() check.

This is an oversight, so use __uaccess_begin_nospec() to ensure that
speculation is inhibited until the access_ok() check has passed.

Reported-by: Julien Thierry <julien.thierry@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-01-20 15:33:22 +12:00
..
alpha Kbuild late updates for v4.21 2019-01-06 16:33:10 -08:00
arc arch: remove redundant UAPI generic-y defines 2019-01-06 10:22:15 +09:00
arm Late reset controller changes for v5.0 2019-01-12 22:06:54 -08:00
arm64 kasan, arm64: remove redundant ARCH_SLAB_MINALIGN define 2019-01-16 12:09:11 +00:00
c6x arch: restore generic-y += shmparam.h for some architectures 2019-01-06 18:16:11 -08:00
csky csky: fixup compile error with CPU 810. 2019-01-10 04:37:37 -08:00
h8300 kbuild: remove unused archmrproper 2019-01-16 23:31:17 +09:00
hexagon arch: restore generic-y += shmparam.h for some architectures 2019-01-06 18:16:11 -08:00
ia64 ia64: remove redundant 'export AWK' 2019-01-16 23:31:18 +09:00
m68k arch: restore generic-y += shmparam.h for some architectures 2019-01-06 18:16:11 -08:00
microblaze arch: restore generic-y += shmparam.h for some architectures 2019-01-06 18:16:11 -08:00
mips A few MIPS fixes for 5.0: 2019-01-20 10:33:18 +12:00
nds32 nds32: remove unneeded code in arch/nds32/Makefile 2019-01-17 23:42:37 +09:00
nios2 arch: remove redundant UAPI generic-y defines 2019-01-06 10:22:15 +09:00
openrisc openrisc: remove unneeded code in arch/openrisc/Makefile 2019-01-17 23:42:59 +09:00
parisc arch: remove redundant UAPI generic-y defines 2019-01-06 10:22:15 +09:00
powerpc A single build fix for powerpc due to device_node.type removal 2019-01-20 10:28:46 +12:00
riscv Fix a handful of audit-related issue 2019-01-07 08:45:47 -08:00
s390 Kbuild late updates for v4.21 2019-01-06 16:33:10 -08:00
sh Kbuild late updates for v4.21 2019-01-06 16:33:10 -08:00
sparc arch: remove redundant UAPI generic-y defines 2019-01-06 10:22:15 +09:00
um Merge branch 'akpm' (patches from Andrew) 2019-01-05 09:16:18 -08:00
unicore32 arch: restore generic-y += shmparam.h for some architectures 2019-01-06 18:16:11 -08:00
x86 x86: uaccess: Inhibit speculation past access_ok() in user_access_begin() 2019-01-20 15:33:22 +12:00
xtensa arch: remove redundant UAPI generic-y defines 2019-01-06 10:22:15 +09:00
.gitignore
Kconfig jump_label: move 'asm goto' support test to Kconfig 2019-01-06 09:46:51 +09:00