git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/commit
userns: prevent speculative execution
author Elena Reshetova <elena.reshetova@intel.com>
Fri, 15 Dec 2017 10:29:09 +0000 (02:29 -0800)
committer Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Mon, 5 Feb 2018 15:56:06 +0000 (16:56 +0100)
commit d7ef79d09c3ebf59a0d04c7c803d8f1a99543ab6
tree 82677bc99b3f6b35a4b493b69808ed2d40c097ac
parent ce8861e5b4e7c92adf9afbbddb99af9834638fc9
userns: prevent speculative execution

CVE-2017-5753 (Spectre v1 Intel)

Since the pos value in function m_start()
seems to be controllable by userspace and later on
conditionally (upon bound check) used to resolve
map->extent, insert an observable speculation
barrier before its usage. This should prevent
observable speculation on that branch and avoid
kernel memory leak.

Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
kernel/user_namespace.c
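
The pattern the commit message describes, as an added example that is not code from this commit or from the kernel tree: a userspace-controlled index is bounds-checked and then used to resolve an array element, hardened once with a speculation barrier after the check and once with branchless index masking (a different technique from the barrier the commit inserts). The struct layout, function names and sample map are constructed for illustration, and using `lfence` as the barrier is an assumption that holds only on x86.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed stand-ins for the map and extent array named in the commit message. */
struct extent { uint32_t first, lower_first, count; };
struct id_map { uint32_t nr_extents; struct extent extent[5]; };
/* Constructed sample: three valid extents, two unused slots. */
static const struct id_map sample_map = { 3, { {0, 1000, 1}, {1, 2000, 1}, {2, 3000, 1} } };

/* Assumption: lfence serves as the barrier on x86; elsewhere only a compiler barrier. */
static inline void spec_barrier(void)
{
#if defined(__x86_64__) || defined(__i386__)
    __asm__ volatile("lfence" ::: "memory");
#else
    __asm__ volatile("" ::: "memory");
#endif
}

/* All-ones when idx < size, else zero, with no branch (needs arithmetic >>, as in gcc/clang). */
static inline size_t index_mask(size_t idx, size_t size)
{
    return (size_t)(~(intptr_t)(idx | (size - 1 - idx)) >> (sizeof(intptr_t) * 8 - 1));
}

/* Unhardened: the CPU may run ahead past the check with an out-of-range pos. */
const struct extent *lookup_unhardened(const struct id_map *map, size_t pos)
{
    return pos < map->nr_extents ? &map->extent[pos] : NULL;
}

/* Barrier form: on x86, nothing after the barrier executes until the check has resolved. */
const struct extent *lookup_barrier(const struct id_map *map, size_t pos)
{
    if (pos >= map->nr_extents)
        return NULL;
    spec_barrier();
    return &map->extent[pos];
}

/* Masking form: an out-of-range pos is forced to 0 even on a mispredicted path. */
const struct extent *lookup_masked(const struct id_map *map, size_t pos)
{
    if (pos >= map->nr_extents)
        return NULL;
    pos &= index_mask(pos, map->nr_extents);
    return &map->extent[pos];
}
```

All three functions return the same architectural result; the hardened forms differ only in what the processor can do before the bounds check retires.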