From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Eric Dumazet <edumazet@google.com>,
Jonathan Berger <jonathann1@walla.com>,
Amit Klein <aksecurity@gmail.com>,
Benny Pinkas <benny@pinkas.net>,
Tom Herbert <tom@herbertland.com>,
"David S. Miller" <davem@davemloft.net>,
Mahesh Bandewar <maheshb@google.com>
Subject: [PATCH 4.4 22/75] net/flow_dissector: switch to siphash
Date: Fri, 8 Nov 2019 19:49:39 +0100 [thread overview]
Message-ID: <20191108174729.201631038@linuxfoundation.org> (raw)
In-Reply-To: <20191108174708.135680837@linuxfoundation.org>
From: Eric Dumazet <edumazet@google.com>
commit 55667441c84fa5e0911a0aac44fb059c15ba6da2 upstream.
UDP IPv6 packets auto flowlabels are using a 32bit secret
(static u32 hashrnd in net/core/flow_dissector.c) and
apply jhash() over fields known by the receivers.
Attackers can easily infer the 32bit secret and use this information
to identify a device and/or user, since this 32bit secret is only
set at boot time.
Really, using jhash() to generate cookies sent on the wire
is a serious security concern.
Trying to change the rol32(hash, 16) in ip6_make_flowlabel() would be
a dead end. Trying to periodically change the secret (like in sch_sfq.c)
could change paths taken in the network for long lived flows.
Let's switch to siphash, as we did in commit df453700e8d8
("inet: switch IP ID generator to siphash")
Using a cryptographically strong pseudo random function will solve this
privacy issue and more generally remove other weak points in the stack.
Packet schedulers using skb_get_hash_perturb() benefit from this change.
Fixes: b56774163f99 ("ipv6: Enable auto flow labels by default")
Fixes: 42240901f7c4 ("ipv6: Implement different admin modes for automatic flow labels")
Fixes: 67800f9b1f4e ("ipv6: Call skb_get_hash_flowi6 to get skb->hash in ip6_make_flowlabel")
Fixes: cb1ce2ef387b ("ipv6: Implement automatic flow label generation on transmit")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Jonathan Berger <jonathann1@walla.com>
Reported-by: Amit Klein <aksecurity@gmail.com>
Reported-by: Benny Pinkas <benny@pinkas.net>
Cc: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Mahesh Bandewar <maheshb@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
include/linux/skbuff.h | 3 +-
include/net/flow_dissector.h | 3 +-
net/core/flow_dissector.c | 48 +++++++++++++++++--------------------------
net/sched/sch_fq_codel.c | 6 ++---
net/sched/sch_hhf.c | 8 +++----
net/sched/sch_sfb.c | 13 ++++++-----
net/sched/sch_sfq.c | 14 +++++++-----
7 files changed, 46 insertions(+), 49 deletions(-)
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -1073,7 +1073,8 @@ static inline __u32 skb_get_hash_flowi4(
return skb->hash;
}
-__u32 skb_get_hash_perturb(const struct sk_buff *skb, u32 perturb);
+__u32 skb_get_hash_perturb(const struct sk_buff *skb,
+ const siphash_key_t *perturb);
static inline __u32 skb_get_hash_raw(const struct sk_buff *skb)
{
--- a/include/net/flow_dissector.h
+++ b/include/net/flow_dissector.h
@@ -3,6 +3,7 @@
#include <linux/types.h>
#include <linux/in6.h>
+#include <linux/siphash.h>
#include <uapi/linux/if_ether.h>
/**
@@ -146,7 +147,7 @@ struct flow_dissector {
struct flow_keys {
struct flow_dissector_key_control control;
#define FLOW_KEYS_HASH_START_FIELD basic
- struct flow_dissector_key_basic basic;
+ struct flow_dissector_key_basic basic __aligned(SIPHASH_ALIGNMENT);
struct flow_dissector_key_tags tags;
struct flow_dissector_key_keyid keyid;
struct flow_dissector_key_ports ports;
--- a/net/core/flow_dissector.c
+++ b/net/core/flow_dissector.c
@@ -505,45 +505,34 @@ out_bad:
}
EXPORT_SYMBOL(__skb_flow_dissect);
-static u32 hashrnd __read_mostly;
+static siphash_key_t hashrnd __read_mostly;
static __always_inline void __flow_hash_secret_init(void)
{
net_get_random_once(&hashrnd, sizeof(hashrnd));
}
-static __always_inline u32 __flow_hash_words(const u32 *words, u32 length,
- u32 keyval)
+static const void *flow_keys_hash_start(const struct flow_keys *flow)
{
- return jhash2(words, length, keyval);
-}
-
-static inline const u32 *flow_keys_hash_start(const struct flow_keys *flow)
-{
- const void *p = flow;
-
- BUILD_BUG_ON(FLOW_KEYS_HASH_OFFSET % sizeof(u32));
- return (const u32 *)(p + FLOW_KEYS_HASH_OFFSET);
+ BUILD_BUG_ON(FLOW_KEYS_HASH_OFFSET % SIPHASH_ALIGNMENT);
+ return &flow->FLOW_KEYS_HASH_START_FIELD;
}
static inline size_t flow_keys_hash_length(const struct flow_keys *flow)
{
- size_t diff = FLOW_KEYS_HASH_OFFSET + sizeof(flow->addrs);
- BUILD_BUG_ON((sizeof(*flow) - FLOW_KEYS_HASH_OFFSET) % sizeof(u32));
- BUILD_BUG_ON(offsetof(typeof(*flow), addrs) !=
- sizeof(*flow) - sizeof(flow->addrs));
+ size_t len = offsetof(typeof(*flow), addrs) - FLOW_KEYS_HASH_OFFSET;
switch (flow->control.addr_type) {
case FLOW_DISSECTOR_KEY_IPV4_ADDRS:
- diff -= sizeof(flow->addrs.v4addrs);
+ len += sizeof(flow->addrs.v4addrs);
break;
case FLOW_DISSECTOR_KEY_IPV6_ADDRS:
- diff -= sizeof(flow->addrs.v6addrs);
+ len += sizeof(flow->addrs.v6addrs);
break;
case FLOW_DISSECTOR_KEY_TIPC_ADDRS:
- diff -= sizeof(flow->addrs.tipcaddrs);
+ len += sizeof(flow->addrs.tipcaddrs);
break;
}
- return (sizeof(*flow) - diff) / sizeof(u32);
+ return len;
}
__be32 flow_get_u32_src(const struct flow_keys *flow)
@@ -609,14 +598,15 @@ static inline void __flow_hash_consisten
}
}
-static inline u32 __flow_hash_from_keys(struct flow_keys *keys, u32 keyval)
+static inline u32 __flow_hash_from_keys(struct flow_keys *keys,
+ const siphash_key_t *keyval)
{
u32 hash;
__flow_hash_consistentify(keys);
- hash = __flow_hash_words(flow_keys_hash_start(keys),
- flow_keys_hash_length(keys), keyval);
+ hash = siphash(flow_keys_hash_start(keys),
+ flow_keys_hash_length(keys), keyval);
if (!hash)
hash = 1;
@@ -626,12 +616,13 @@ static inline u32 __flow_hash_from_keys(
u32 flow_hash_from_keys(struct flow_keys *keys)
{
__flow_hash_secret_init();
- return __flow_hash_from_keys(keys, hashrnd);
+ return __flow_hash_from_keys(keys, &hashrnd);
}
EXPORT_SYMBOL(flow_hash_from_keys);
static inline u32 ___skb_get_hash(const struct sk_buff *skb,
- struct flow_keys *keys, u32 keyval)
+ struct flow_keys *keys,
+ const siphash_key_t *keyval)
{
skb_flow_dissect_flow_keys(skb, keys,
FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL);
@@ -679,7 +670,7 @@ u32 __skb_get_hash_symmetric(struct sk_b
NULL, 0, 0, 0,
FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL);
- return __flow_hash_from_keys(&keys, hashrnd);
+ return __flow_hash_from_keys(&keys, &hashrnd);
}
EXPORT_SYMBOL_GPL(__skb_get_hash_symmetric);
@@ -698,12 +689,13 @@ void __skb_get_hash(struct sk_buff *skb)
__flow_hash_secret_init();
- __skb_set_sw_hash(skb, ___skb_get_hash(skb, &keys, hashrnd),
+ __skb_set_sw_hash(skb, ___skb_get_hash(skb, &keys, &hashrnd),
flow_keys_have_l4(&keys));
}
EXPORT_SYMBOL(__skb_get_hash);
-__u32 skb_get_hash_perturb(const struct sk_buff *skb, u32 perturb)
+__u32 skb_get_hash_perturb(const struct sk_buff *skb,
+ const siphash_key_t *perturb)
{
struct flow_keys keys;
--- a/net/sched/sch_fq_codel.c
+++ b/net/sched/sch_fq_codel.c
@@ -55,7 +55,7 @@ struct fq_codel_sched_data {
struct fq_codel_flow *flows; /* Flows table [flows_cnt] */
u32 *backlogs; /* backlog table [flows_cnt] */
u32 flows_cnt; /* number of flows */
- u32 perturbation; /* hash perturbation */
+ siphash_key_t perturbation; /* hash perturbation */
u32 quantum; /* psched_mtu(qdisc_dev(sch)); */
struct codel_params cparams;
struct codel_stats cstats;
@@ -69,7 +69,7 @@ struct fq_codel_sched_data {
static unsigned int fq_codel_hash(const struct fq_codel_sched_data *q,
struct sk_buff *skb)
{
- u32 hash = skb_get_hash_perturb(skb, q->perturbation);
+ u32 hash = skb_get_hash_perturb(skb, &q->perturbation);
return reciprocal_scale(hash, q->flows_cnt);
}
@@ -420,7 +420,7 @@ static int fq_codel_init(struct Qdisc *s
sch->limit = 10*1024;
q->flows_cnt = 1024;
q->quantum = psched_mtu(qdisc_dev(sch));
- q->perturbation = prandom_u32();
+ get_random_bytes(&q->perturbation, sizeof(q->perturbation));
INIT_LIST_HEAD(&q->new_flows);
INIT_LIST_HEAD(&q->old_flows);
codel_params_init(&q->cparams, sch);
--- a/net/sched/sch_hhf.c
+++ b/net/sched/sch_hhf.c
@@ -4,11 +4,11 @@
* Copyright (C) 2013 Nandita Dukkipati <nanditad@google.com>
*/
-#include <linux/jhash.h>
#include <linux/jiffies.h>
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/vmalloc.h>
+#include <linux/siphash.h>
#include <net/pkt_sched.h>
#include <net/sock.h>
@@ -125,7 +125,7 @@ struct wdrr_bucket {
struct hhf_sched_data {
struct wdrr_bucket buckets[WDRR_BUCKET_CNT];
- u32 perturbation; /* hash perturbation */
+ siphash_key_t perturbation; /* hash perturbation */
u32 quantum; /* psched_mtu(qdisc_dev(sch)); */
u32 drop_overlimit; /* number of times max qdisc packet
* limit was hit
@@ -263,7 +263,7 @@ static enum wdrr_bucket_idx hhf_classify
}
/* Get hashed flow-id of the skb. */
- hash = skb_get_hash_perturb(skb, q->perturbation);
+ hash = skb_get_hash_perturb(skb, &q->perturbation);
/* Check if this packet belongs to an already established HH flow. */
flow_pos = hash & HHF_BIT_MASK;
@@ -602,7 +602,7 @@ static int hhf_init(struct Qdisc *sch, s
sch->limit = 1000;
q->quantum = psched_mtu(qdisc_dev(sch));
- q->perturbation = prandom_u32();
+ get_random_bytes(&q->perturbation, sizeof(q->perturbation));
INIT_LIST_HEAD(&q->new_buckets);
INIT_LIST_HEAD(&q->old_buckets);
--- a/net/sched/sch_sfb.c
+++ b/net/sched/sch_sfb.c
@@ -22,7 +22,7 @@
#include <linux/errno.h>
#include <linux/skbuff.h>
#include <linux/random.h>
-#include <linux/jhash.h>
+#include <linux/siphash.h>
#include <net/ip.h>
#include <net/pkt_sched.h>
#include <net/inet_ecn.h>
@@ -48,7 +48,7 @@ struct sfb_bucket {
* (Section 4.4 of SFB reference : moving hash functions)
*/
struct sfb_bins {
- u32 perturbation; /* jhash perturbation */
+ siphash_key_t perturbation; /* siphash key */
struct sfb_bucket bins[SFB_LEVELS][SFB_NUMBUCKETS];
};
@@ -219,7 +219,8 @@ static u32 sfb_compute_qlen(u32 *prob_r,
static void sfb_init_perturbation(u32 slot, struct sfb_sched_data *q)
{
- q->bins[slot].perturbation = prandom_u32();
+ get_random_bytes(&q->bins[slot].perturbation,
+ sizeof(q->bins[slot].perturbation));
}
static void sfb_swap_slot(struct sfb_sched_data *q)
@@ -313,9 +314,9 @@ static int sfb_enqueue(struct sk_buff *s
/* If using external classifiers, get result and record it. */
if (!sfb_classify(skb, fl, &ret, &salt))
goto other_drop;
- sfbhash = jhash_1word(salt, q->bins[slot].perturbation);
+ sfbhash = siphash_1u32(salt, &q->bins[slot].perturbation);
} else {
- sfbhash = skb_get_hash_perturb(skb, q->bins[slot].perturbation);
+ sfbhash = skb_get_hash_perturb(skb, &q->bins[slot].perturbation);
}
@@ -351,7 +352,7 @@ static int sfb_enqueue(struct sk_buff *s
/* Inelastic flow */
if (q->double_buffering) {
sfbhash = skb_get_hash_perturb(skb,
- q->bins[slot].perturbation);
+ &q->bins[slot].perturbation);
if (!sfbhash)
sfbhash = 1;
sfb_skb_cb(skb)->hashes[slot] = sfbhash;
--- a/net/sched/sch_sfq.c
+++ b/net/sched/sch_sfq.c
@@ -18,7 +18,7 @@
#include <linux/errno.h>
#include <linux/init.h>
#include <linux/skbuff.h>
-#include <linux/jhash.h>
+#include <linux/siphash.h>
#include <linux/slab.h>
#include <linux/vmalloc.h>
#include <net/netlink.h>
@@ -120,7 +120,7 @@ struct sfq_sched_data {
u8 headdrop;
u8 maxdepth; /* limit of packets per flow */
- u32 perturbation;
+ siphash_key_t perturbation;
u8 cur_depth; /* depth of longest slot */
u8 flags;
unsigned short scaled_quantum; /* SFQ_ALLOT_SIZE(quantum) */
@@ -158,7 +158,7 @@ static inline struct sfq_head *sfq_dep_h
static unsigned int sfq_hash(const struct sfq_sched_data *q,
const struct sk_buff *skb)
{
- return skb_get_hash_perturb(skb, q->perturbation) & (q->divisor - 1);
+ return skb_get_hash_perturb(skb, &q->perturbation) & (q->divisor - 1);
}
static unsigned int sfq_classify(struct sk_buff *skb, struct Qdisc *sch,
@@ -607,9 +607,11 @@ static void sfq_perturbation(unsigned lo
struct Qdisc *sch = (struct Qdisc *)arg;
struct sfq_sched_data *q = qdisc_priv(sch);
spinlock_t *root_lock = qdisc_lock(qdisc_root_sleeping(sch));
+ siphash_key_t nkey;
+ get_random_bytes(&nkey, sizeof(nkey));
spin_lock(root_lock);
- q->perturbation = prandom_u32();
+ q->perturbation = nkey;
if (!q->filter_list && q->tail)
sfq_rehash(sch);
spin_unlock(root_lock);
@@ -681,7 +683,7 @@ static int sfq_change(struct Qdisc *sch,
del_timer(&q->perturb_timer);
if (q->perturb_period) {
mod_timer(&q->perturb_timer, jiffies + q->perturb_period);
- q->perturbation = prandom_u32();
+ get_random_bytes(&q->perturbation, sizeof(q->perturbation));
}
sch_tree_unlock(sch);
kfree(p);
@@ -737,7 +739,7 @@ static int sfq_init(struct Qdisc *sch, s
q->quantum = psched_mtu(qdisc_dev(sch));
q->scaled_quantum = SFQ_ALLOT_SIZE(q->quantum);
q->perturb_period = 0;
- q->perturbation = prandom_u32();
+ get_random_bytes(&q->perturbation, sizeof(q->perturbation));
if (opt) {
int err = sfq_change(sch, opt);
next prev parent reply other threads:[~2019-11-08 18:52 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-08 18:49 [PATCH 4.4 00/75] 4.4.200-stable review Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 01/75] kbuild: add -fcf-protection=none when using retpoline flags Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 02/75] regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 03/75] regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 04/75] ASoc: rockchip: i2s: Fix RPM imbalance Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 05/75] ARM: dts: logicpd-torpedo-som: Remove twl_keypad Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 06/75] ARM: mm: fix alignment handler faults under memory pressure Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 07/75] scsi: sni_53c710: fix compilation error Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 08/75] scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 09/75] perf kmem: Fix memory leak in compact_gfp_flags() Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 10/75] scsi: target: core: Do not overwrite CDB byte 1 Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 11/75] of: unittest: fix memory leak in unittest_data_add Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 12/75] MIPS: bmips: mark exception vectors as char arrays Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 13/75] cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 14/75] dccp: do not leak jiffies on the wire Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 15/75] net: fix sk_page_frag() recursion from memory reclaim Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 16/75] net: hisilicon: Fix ping latency when deal with high throughput Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 17/75] net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 18/75] net: add READ_ONCE() annotation in __skb_wait_for_more_packets() Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 19/75] vxlan: check tun_info options_len properly Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 20/75] net/mlx4_core: Dynamically set guaranteed amount of counters per VF Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 21/75] inet: stop leaking jiffies on the wire Greg Kroah-Hartman
2019-11-08 18:49 ` Greg Kroah-Hartman [this message]
2019-11-08 18:49 ` [PATCH 4.4 23/75] dmaengine: qcom: bam_dma: Fix resource leak Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 24/75] ARM: 8051/1: put_user: fix possible data corruption in put_user Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 25/75] ARM: 8478/2: arm/arm64: add arm-smccc Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 26/75] ARM: 8479/2: add implementation for arm-smccc Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 27/75] ARM: 8480/2: arm64: " Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 28/75] ARM: 8481/2: drivers: psci: replace psci firmware calls Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 29/75] ARM: uaccess: remove put_user() code duplication Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 30/75] ARM: Move system register accessors to asm/cp15.h Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 31/75] arm/arm64: KVM: Advertise SMCCC v1.1 Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 32/75] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 33/75] firmware/psci: Expose PSCI conduit Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 34/75] firmware/psci: Expose SMCCC version through psci_ops Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 35/75] arm/arm64: smccc: Make function identifiers an unsigned quantity Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 36/75] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 37/75] arm/arm64: smccc: Add SMCCC-specific return codes Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 38/75] arm/arm64: smccc-1.1: Make return values unsigned long Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 39/75] arm/arm64: smccc-1.1: Handle function result as parameters Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 40/75] ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 41/75] ARM: bugs: prepare processor bug infrastructure Greg Kroah-Hartman
2019-11-08 18:49 ` [PATCH 4.4 42/75] ARM: bugs: hook processor bug checking into SMP and suspend paths Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 43/75] ARM: bugs: add support for per-processor bug checking Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 44/75] ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 45/75] ARM: spectre-v2: harden branch predictor on context switches Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 46/75] ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 47/75] ARM: spectre-v2: harden user aborts in kernel space Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 48/75] ARM: spectre-v2: add firmware based hardening Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 49/75] ARM: spectre-v2: warn about incorrect context switching functions Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 50/75] ARM: spectre-v1: add speculation barrier (csdb) macros Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 51/75] ARM: spectre-v1: add array_index_mask_nospec() implementation Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 52/75] ARM: spectre-v1: fix syscall entry Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 53/75] ARM: signal: copy registers using __copy_from_user() Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 54/75] ARM: vfp: use __copy_from_user() when restoring VFP state Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 55/75] ARM: oabi-compat: copy semops using __copy_from_user() Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 56/75] ARM: use __inttype() in get_user() Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 57/75] ARM: spectre-v1: use get_user() for __get_user() Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 58/75] ARM: spectre-v1: mitigate user accesses Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 59/75] ARM: 8789/1: signal: copy registers using __copy_to_user() Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 60/75] ARM: 8791/1: vfp: use __copy_to_user() when saving VFP state Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 61/75] ARM: 8792/1: oabi-compat: copy oabi events using __copy_to_user() Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 62/75] ARM: 8793/1: signal: replace __put_user_error with __put_user Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 63/75] ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 64/75] ARM: 8795/1: spectre-v1.1: use put_user() for __put_user() Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 65/75] ARM: 8796/1: spectre-v1,v1.1: provide helpers for address sanitization Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 66/75] ARM: 8810/1: vfp: Fix wrong assignement to ufp_exc Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 67/75] ARM: make lookup_processor_type() non-__init Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 68/75] ARM: split out processor lookup Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 69/75] ARM: clean up per-processor check_bugs method call Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 70/75] ARM: add PROC_VTABLE and PROC_TABLE macros Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 71/75] ARM: spectre-v2: per-CPU vtables to work around big.Little systems Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 72/75] ARM: ensure that processor vtables is not lost after boot Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 73/75] ARM: fix the cockup in the previous patch Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 74/75] alarmtimer: Change remaining ENOTSUPP to EOPNOTSUPP Greg Kroah-Hartman
2019-11-08 18:50 ` [PATCH 4.4 75/75] fs/dcache: move security_d_instantiate() behind attaching dentry to inode Greg Kroah-Hartman
2019-11-09 1:17 ` [PATCH 4.4 00/75] 4.4.200-stable review kernelci.org bot
2019-11-09 10:32 ` Naresh Kamboju
2019-11-09 15:38 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191108174729.201631038@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=aksecurity@gmail.com \
--cc=benny@pinkas.net \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=jonathann1@walla.com \
--cc=linux-kernel@vger.kernel.org \
--cc=maheshb@google.com \
--cc=stable@vger.kernel.org \
--cc=tom@herbertland.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).