mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-11-01 17:08:10 +00:00
Code Issues Releases Wiki Activity
linux-stable/lib
History
Dave Hansen 6c750ed036 uaccess: Add speculation barrier to copy_from_user() 
commit 74e19ef0ff upstream.

The results of "access_ok()" can be mis-speculated.  The result is that
you can end speculatively:

	if (access_ok(from, size))
		// Right here

even for bad from/size combinations.  On first glance, it would be ideal
to just add a speculation barrier to "access_ok()" so that its results
can never be mis-speculated.

But there are lots of system calls just doing access_ok() via
"copy_to_user()" and friends (example: fstat() and friends).  Those are
generally not problematic because they do not _consume_ data from
userspace other than the pointer.  They are also very quick and common
system calls that should not be needlessly slowed down.

"copy_from_user()" on the other hand uses a user-controller pointer and
is frequently followed up with code that might affect caches.  Take
something like this:

	if (!copy_from_user(&kernelvar, uptr, size))
		do_something_with(kernelvar);

If userspace passes in an evil 'uptr' that *actually* points to a kernel
addresses, and then do_something_with() has cache (or other)
side-effects, it could allow userspace to infer kernel data values.

Add a barrier to the common copy_from_user() code to prevent
mis-speculated values which happen after the copy.

Also add a stub for architectures that do not define barrier_nospec().
This makes the macro usable in generic code.

Since the barrier is now usable in generic code, the x86 #ifdef in the
BPF code can also go away.

Reported-by: Jordy Zomer <jordyzomer@google.com>
Suggested-by: Linus Torvalds <torvalds@linuxfoundation.org>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>   # BPF bits
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-02-25 11:53:26 +01:00
..
842 lib: 842: no need to check return value of debugfs_create functions 2019-07-03 16:57:17 +02:00
crypto lib/crypto: blake2s: move hmac construction into wireguard 2022-06-22 14:11:02 +02:00
dim dim: initialize all struct fields 2022-05-18 09:47:25 +02:00
fonts lib/fonts: fix undefined behavior in bit shift for get_default_font 2023-01-18 11:40:54 +01:00
livepatch
lz4 lz4: fix LZ4_decompress_safe_partial read out of bound 2022-04-15 14:18:39 +02:00
lzo lib/lzo: fix ambiguous encoding bug in lzo-rle 2020-06-17 16:40:28 +02:00
math treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
mpi lib/mpi: use kcalloc in mpi_resize 2021-09-15 09:47:29 +02:00
raid6 lib/raid6/test/Makefile: Use $(pound) instead of \# for Make 4.3 2022-04-15 14:18:23 +02:00
reed_solomon rslib: Make some functions static 2019-07-02 08:41:37 +02:00
vdso lib/vdso: use "grep -E" instead of "egrep" 2022-12-08 11:22:59 +01:00
xz lib/xz: Validate the value before assigning it to an enum variable 2021-11-17 09:48:31 +01:00
zlib_deflate treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
zlib_inflate lib/zlib: remove outdated and incorrect pre-increment optimization 2020-06-24 17:50:39 +02:00
zstd lib/zstd/mem.h: replace __inline by inline 2019-09-15 19:42:16 +02:00
.gitignore
argv_split.c
ashldi3.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
ashrdi3.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
asn1_decoder.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
assoc_array.c assoc_array: Fix BUG_ON during garbage collect 2022-06-06 08:33:50 +02:00
atomic64.c locking/atomic: Use s64 for atomic64 2019-06-03 12:32:56 +02:00
atomic64_test.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
audit.c
bcd.c
bch.c
bitmap.c cpumask: Implement cpumask_or_equal() 2019-07-25 15:47:37 +02:00
bitrev.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
bsearch.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 372 2019-06-05 17:37:10 +02:00
btree.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 431 2019-06-05 17:37:16 +02:00
bucket_locks.c
bug.c bug: Remove redundant condition check in report_bug 2021-05-14 09:44:27 +02:00
build_OID_registry treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
bust_spinlocks.c
chacha.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
check_signature.c
checksum.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
clz_ctz.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
clz_tab.c
cmdline.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
cmpdi2.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
compat_audit.c
cpu_rmap.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
cpumask.c
crc-ccitt.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crc-itu-t.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crc-t10dif.c crc-t10dif: Fix potential crypto notify dead-lock 2020-08-19 08:15:54 +02:00
crc4.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crc7.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crc8.c
crc16.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crc32.c lib/crc32.c: fix trivial typo in preprocessor condition 2020-10-29 09:57:52 +01:00
crc32defs.h
crc32test.c lib/crc32test: remove extra local_irq_disable/enable 2020-11-10 12:37:27 +01:00
crc64.c
ctype.c
debug_info.c
debug_locks.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
debugobjects.c debugobjects: Fix various data races 2020-02-24 08:36:52 +01:00
dec_and_lock.c
decompress.c
decompress_bunzip2.c
decompress_inflate.c
decompress_unlz4.c lib/decompress_unlz4.c: correctly handle zero-padding around initrds. 2021-07-20 16:10:46 +02:00
decompress_unlzma.c
decompress_unlzo.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 95 2019-05-24 17:37:53 +02:00
decompress_unxz.c lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression 2021-11-17 09:48:31 +01:00
devres.c devres: keep both device name and resource name in pretty name 2020-08-21 13:05:32 +02:00
digsig.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
dump_stack.c dump_stack: avoid the livelock of the dump_lock 2019-11-06 08:47:50 -08:00
dynamic_debug.c dyndbg: let query-modname override actual module name 2022-10-26 13:22:37 +02:00
dynamic_queue_limits.c
earlycpio.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 283 2019-06-05 17:36:37 +02:00
error-inject.c
errseq.c
extable.c lib/extable.c: add missing prototypes 2019-09-25 17:51:39 -07:00
fault-inject.c fault-inject: clean up debugfs file creation logic 2019-06-18 13:47:24 +02:00
fdt.c
fdt_empty_tree.c
fdt_ro.c
fdt_rw.c
fdt_strerror.c
fdt_sw.c
fdt_wip.c
find_bit.c uapi: rename ext2_swab() to swab() and share globally in swab.h 2020-04-13 10:48:07 +02:00
find_bit_benchmark.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
flex_proportions.c
gen_crc32table.c
gen_crc64table.c
genalloc.c lib/genalloc: fix the overflow when size is too big 2021-01-12 20:16:10 +01:00
generic-radix-tree.c lib/generic-radix-tree.c: add kmemleak annotations 2019-10-14 15:04:00 -07:00
glob.c
globtest.c
hexdump.c hex2bin: fix access beyond string end 2022-05-09 09:03:22 +02:00
hweight.c x86/kconfig: Disable CONFIG_GENERIC_HWEIGHT and remove __HAVE_ARCH_SW_HWEIGHT 2019-05-13 11:07:33 +02:00
idr.c ida: don't use BUG_ON() for debugging 2022-07-12 16:30:49 +02:00
inflate.c
interval_tree.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
interval_tree_test.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
iomap.c
iomap_copy.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 504 2019-06-19 17:09:56 +02:00
iommu-helper.c
ioremap.c mm/ioremap: probe platform for p4d huge map support 2019-07-16 19:23:22 -07:00
iov_iter.c mm/highmem: Lift memcpy_[to|from]_page to core 2023-01-18 11:41:55 +01:00
irq_poll.c
irq_regs.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
is_single_threaded.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
kasprintf.c
Kconfig ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE 2022-03-19 13:40:16 +01:00
Kconfig.debug Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is enabled 2022-12-08 11:23:05 +01:00
Kconfig.kasan kasan: add memory corruption identification for software tag-based mode 2019-09-24 15:54:07 -07:00
Kconfig.kgdb treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Kconfig.ubsan treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
kfifo.c Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()" 2019-08-30 18:47:15 -07:00
klist.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 248 2019-06-19 17:09:08 +02:00
kobject.c kobject: Restore old behaviour of kobject_del(NULL) 2020-09-17 13:47:52 +02:00
kobject_uevent.c kobject_uevent: remove warning in init_uevent_argv() 2021-05-19 10:08:33 +02:00
kstrtox.c lib: vsprintf: Fix handling of number field widths in vsscanf 2021-07-14 16:53:16 +02:00
kstrtox.h lib: vsprintf: Fix handling of number field widths in vsscanf 2021-07-14 16:53:16 +02:00
libcrc32c.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
list_debug.c lib/list_debug.c: Detect uninitialized lists 2022-08-25 11:18:36 +02:00
list_sort.c lib: list_sort.c: add a blank line to avoid kernel-doc warnings 2019-06-20 14:07:34 -06:00
llist.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 333 2019-06-05 17:37:06 +02:00
locking-selftest-hardirq.h
locking-selftest-mutex.h
locking-selftest-rlock-hardirq.h
locking-selftest-rlock-softirq.h
locking-selftest-rlock.h
locking-selftest-rsem.h
locking-selftest-rtmutex.h
locking-selftest-softirq.h
locking-selftest-spin-hardirq.h
locking-selftest-spin-softirq.h
locking-selftest-spin.h
locking-selftest-wlock-hardirq.h
locking-selftest-wlock-softirq.h
locking-selftest-wlock.h
locking-selftest-wsem.h
locking-selftest.c
lockref.c lockref: stop doing cpu_relax in the cmpxchg loop 2023-02-06 07:52:42 +01:00
logic_pio.c PCI: Fix pci_register_io_range() memory leak 2021-03-17 17:03:44 +01:00
lru_cache.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 91 2019-05-24 17:37:53 +02:00
lshrdi3.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
Makefile avoid __memcat_p link failure 2021-05-07 10:51:37 +02:00
memcat_p.c
memory-notifier-error-inject.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
memweight.c
muldi3.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
net_utils.c
netdev-notifier-error-inject.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
nlattr.c netlink: prevent potential spectre v1 gadgets 2023-02-06 07:52:45 +01:00
nmi_backtrace.c
nodemask.c nodemask: Fix return values to be unsigned 2022-06-14 18:12:02 +02:00
notifier-error-inject.c lib/notifier-error-inject: fix error when writing -errno to debugfs file 2023-01-18 11:40:55 +01:00
notifier-error-inject.h
objagg.c lib: objagg: Use struct_size() in kzalloc() 2019-06-05 19:03:39 -07:00
of-reconfig-notifier-error-inject.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
oid_registry.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
once.c once: add DO_ONCE_SLOW() for sleepable contexts 2022-10-26 13:22:27 +02:00
packing.c lib: Add support for generic packing operations 2019-05-03 10:49:17 -04:00
parman.c
parser.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
pci_iomap.c
percpu-refcount.c Merge branch 'for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/dennis/percpu 2019-07-14 16:17:18 -07:00
percpu_counter.c
percpu_test.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
plist.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 10 2019-05-21 11:28:45 +02:00
pm-notifier-error-inject.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
radix-tree.c idr: Fix idr_alloc_u32 on 32-bit systems 2019-11-03 06:36:50 -05:00
random32.c random: replace custom notifier chain with standard one 2022-06-22 14:11:13 +02:00
ratelimit.c ratelimit: Fix data-races in ___ratelimit(). 2022-09-05 10:27:42 +02:00
rbtree.c lib/rbtree: avoid generating code twice for the cached versions 2019-07-16 19:23:22 -07:00
rbtree_test.c augmented rbtree: add new RB_DECLARE_CALLBACKS_MAX macro 2019-09-25 17:51:39 -07:00
refcount.c locking/refcount: Consolidate implementations of refcount_t 2022-07-29 17:14:17 +02:00
rhashtable.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
sbitmap.c sbitmap: only queue kyber's wait callback if not already active 2020-01-12 12:21:44 +01:00
scatterlist.c sgl_alloc_order: fix memory leak 2020-11-05 11:43:22 +01:00
seq_buf.c seq_buf: Fix overflow in seq_buf_putmem_hex() 2021-07-19 08:53:16 +02:00
sg_pool.c SCSI sg on 20190709 2019-07-11 15:17:41 -07:00
sg_split.c lib: scatterlist: Fix to support no mapped sg 2019-08-08 07:45:01 -06:00
sha1.c lib/crypto: sha1: re-roll loops to reduce code size 2022-06-22 14:11:03 +02:00
show_mem.c mm: remove quicklist page table caches 2019-09-24 15:54:09 -07:00
siphash.c siphash: use one source of truth for siphash permutations 2022-06-22 14:11:16 +02:00
smp_processor_id.c sched/core: Provide a pointer to the valid CPU mask 2019-06-03 11:49:37 +02:00
sort.c media: lib/sort.c: implement sort() variant taking context argument 2019-08-19 13:14:53 -03:00
stackdepot.c lib: stackdepot: turn depot_lock spinlock to raw_spinlock 2021-05-22 11:38:30 +02:00
stmp_device.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
string.c lib/string.c: implement stpcpy 2020-10-01 13:18:23 +02:00
string_helpers.c lib/string_helpers: fix some kerneldoc warnings 2019-07-16 19:23:22 -07:00
strncpy_from_user.c lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() 2020-01-29 16:45:29 +01:00
strnlen_user.c lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() 2020-01-29 16:45:29 +01:00
syscall.c lib/syscall: fix syscall registers retrieval on 32-bit platforms 2020-12-11 13:23:32 +01:00
test-kstrtox.c
test-string_helpers.c
test_bitfield.c
test_bitmap.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_blackhole_dev.c blackhole_dev: add a selftest 2019-07-01 19:34:46 -07:00
test_bpf.c bpf/tests: Do not PASS tests without actually testing the result 2021-09-22 12:26:29 +02:00
test_debug_virtual.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_firmware.c test_firmware: fix memory leak in test_firmware_init() 2023-01-18 11:41:23 +01:00
test_hash.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_hexdump.c
test_ida.c
test_kasan.c kasan: stop tests being eliminated as dead code with FORTIFY_SOURCE 2020-06-22 09:31:12 +02:00
test_kmod.c lib/test: use after free in register_test_dev_kmod() 2022-04-15 14:18:21 +02:00
test_list_sort.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_memcat_p.c
test_meminit.c lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() test 2022-01-27 09:19:55 +01:00
test_module.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_objagg.c test_objagg: Fix potential memory leak in error handling 2020-06-30 15:37:04 -04:00
test_overflow.c lib/test_overflow.c: avoid tainting the kernel and fix wrap size 2019-07-16 19:23:22 -07:00
test_parman.c
test_printf.c vsprintf: don't obfuscate NULL and error pointers 2020-05-27 17:46:43 +02:00
test_rhashtable.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
test_siphash.c
test_sort.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_stackinit.c lib/test_stackinit: Fix static initializer test 2021-09-22 12:26:38 +02:00
test_static_key_base.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282 2019-06-05 17:36:37 +02:00
test_static_keys.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282 2019-06-05 17:36:37 +02:00
test_string.c lib/test_string.c: add some testcases for strchr and strnchr 2019-07-16 19:23:22 -07:00
test_strscpy.c
test_sysctl.c tools/testing/selftests/sysctl/sysctl.sh: add proc_do_large_bitmap() test case 2019-05-14 19:52:51 -07:00
test_ubsan.c
test_user_copy.c usercopy: Avoid soft lockups in test_check_nonzero_user() 2019-10-16 14:56:21 +02:00
test_uuid.c
test_vmalloc.c lib/test_vmalloc.c:test_func(): eliminate local `ret' 2019-05-14 19:52:49 -07:00
test_xarray.c XArray: Fix xas_create_range() when multi-order entry present 2022-04-15 14:18:28 +02:00
textsearch.c lib: textsearch: fix escapes in example code 2019-10-03 12:12:23 -04:00
timerqueue.c lib/timerqueue: Rely on rbtree semantics for next timer 2019-07-24 17:38:01 +02:00
ts_bm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ts_fsm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ts_kmp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ubsan.c lib/ubsan: don't serialize UBSAN report 2020-01-09 10:20:07 +01:00
ubsan.h ubsan: Remove vla bound checks. 2019-05-06 11:12:09 -07:00
ucmpdi2.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
ucs2_string.c
usercopy.c uaccess: Add speculation barrier to copy_from_user() 2023-02-25 11:53:26 +01:00
uuid.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
vsprintf.c random: replace custom notifier chain with standard one 2022-06-22 14:11:13 +02:00
win_minmax.c
xarray.c XArray: Update the LRU list in xas_split() 2022-04-15 14:18:28 +02:00
xxhash.c