From mboxrd@z Thu Jan 1 00:00:00 1970 Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752757AbeAFJAS (ORCPT + 1 other); Sat, 6 Jan 2018 04:00:18 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:43252 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752575AbeAFJAQ (ORCPT ); Sat, 6 Jan 2018 04:00:16 -0500 Date: Sat, 6 Jan 2018 10:00:19 +0100 From: Greg KH To: Dan Williams Cc: linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Hideaki YOSHIFUJI , netdev@vger.kernel.org, peterz@infradead.org, Alexey Kuznetsov , tglx@linutronix.de, torvalds@linux-foundation.org, "David S. Miller" , Elena Reshetova , alan@linux.intel.com Subject: Re: [PATCH 14/18] ipv4: prevent bounds-check bypass via speculative execution Message-ID: <20180106090019.GD4380@kroah.com> References: <151520099201.32271.4677179499894422956.stgit@dwillia2-desk3.amr.corp.intel.com> <151520107001.32271.12149241186695668220.stgit@dwillia2-desk3.amr.corp.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <151520107001.32271.12149241186695668220.stgit@dwillia2-desk3.amr.corp.intel.com> User-Agent: Mutt/1.9.2 (2017-12-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Fri, Jan 05, 2018 at 05:11:10PM -0800, Dan Williams wrote: > Static analysis reports that 'offset' may be a user controlled value > that is used as a data dependency reading from a raw_frag_vec buffer. > In order to avoid potential leaks of kernel memory values, block > speculative execution of the instruction stream that could issue further > reads based on an invalid '*(rfv->c + offset)' value. > > Based on an original patch by Elena Reshetova. I thought we "proved" that this patch was not needed at all, based on previous review. It doesn't look like that review cycle got incorporated into this patch series at all, I guess I have to go back and do it all again :( thanks, greg k-h