applicom: Fix potential Spectre v1 vulnerabilities
commit d7ac3c6e upstream. IndexCard is indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre variant 1 vulnerability. This issue was detected with the help of Smatch: drivers/char/applicom.c:418 ac_write() warn: potential spectre issue 'apbs' [r] drivers/char/applicom.c:728 ac_ioctl() warn: potential spectre issue 'apbs' [r] (local cap) Fix this by sanitizing IndexCard before using it to index apbs. Notice that given that speculation windows are large, the policy is to kill the speculation on the first load and not worry if it can be completed with a dependent load/store [1]. [1] https://lore.kernel.org/lkml/20180423164740.GY17484@dhcp22.suse.cz/ Cc: stable@vger.kernel.org Signed-off-by:Gustavo A. R. Silva <gustavo@embeddedor.com> Signed-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by:
Lee Jones <lee.jones@linaro.org> Signed-off-by:
Lee Jones <joneslee@google.com> Change-Id: Ia414f7fd5da3fc71ae842e0219d46bb78f8f5298
Loading
Please sign in to comment