mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/sound/pci/emu10k1
History
Gustavo A. R. Silva c4d65a3afd ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities 
commit 5ae4f61f01 upstream.

ipcm->substream is indirectly controlled by user-space, hence leading to
a potential exploitation of the Spectre variant 1 vulnerability.

This issue was detected with the help of Smatch:

sound/pci/emu10k1/emufx.c:1031 snd_emu10k1_ipcm_poke() warn: potential spectre issue 'emu->fx8010.pcm' [r] (local cap)
sound/pci/emu10k1/emufx.c:1075 snd_emu10k1_ipcm_peek() warn: potential spectre issue 'emu->fx8010.pcm' [r] (local cap)

Fix this by sanitizing ipcm->substream before using it to index emu->fx8010.pcm

Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].

[1] https://marc.info/?l=linux-kernel&m=152449131114778&w=2

Cc: stable@vger.kernel.org
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2019-01-09 17:14:46 +01:00
..
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
emu10k1.c ALSA: seq: Allow the modular sequencer registration 2017-06-12 08:43:33 +02:00
emu10k1_callback.c ALSA: emu10k1: constify snd_emux_operators structure 2017-02-19 22:07:29 +01:00
emu10k1_main.c ALSA: emu10k1: Use workqueue instead of kthread for emu1010 fw polling 2016-11-15 08:21:19 +01:00
emu10k1_patch.c
emu10k1_synth.c ALSA: seq: Define driver object in each driver 2015-02-12 14:15:54 +01:00
emu10k1_synth_local.h
emu10k1x.c ALSA: emu10k1: make snd_pcm_hardware const 2017-08-12 23:31:45 +02:00
emufx.c ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities 2019-01-09 17:14:46 +01:00
emumixer.c ALSA: pci: constify snd_kcontrol_new structures 2017-02-21 22:01:21 +01:00
emumpu401.c ALSA: pci: Constify snd_rawmidi_ops 2017-01-12 12:50:26 +01:00
emupcm.c ALSA: emu10k1: add error handling for snd_ctl_add 2018-08-03 07:50:22 +02:00
emuproc.c ALSA: emu10k1: Fix/cleanup ifdef CONFIG_PROC_FS 2015-05-29 07:56:42 +02:00
io.c ALSA: emu10k1: Fix possible NULL dereference 2014-03-05 12:15:56 +01:00
irq.c
memory.c ALSA: emu10k1: Rate-limit error messages about page errors 2018-08-03 07:50:32 +02:00
p16v.c ALSA: emu10k1: make snd_pcm_hardware const 2017-08-12 23:31:45 +02:00
p16v.h
p17v.h
timer.c
tina2.h
voice.c