]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit
projects / mirror_ubuntu-bionic-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 917d427) | patch
KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_get_irq()
authorMark Rutland <mark.rutland@arm.com>
Wed, 25 Apr 2018 16:13:41 +0000 (17:13 +0100)
committerStefan Bader <stefan.bader@canonical.com>
Wed, 24 Apr 2019 08:06:41 +0000 (10:06 +0200)
commit52130c438ba934bb7549dcbe8af5ac483e3bfc3b
tree776150b07cf92dc20538980d033bf9fb0ae4d93dtree
parent917d427f2a6f3c6e40579b143e64781445876a8bcommit | diff
KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_get_irq()

It's possible for userspace to control intid. Sanitize intid when using
it as an array index.

At the same time, sort the includes when adding <linux/nospec.h>.

Found by smatch.

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@arm.com>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Cc: kvmarm@lists.cs.columbia.edu
Signed-off-by: Will Deacon <will.deacon@arm.com>
CVE-2017-5753

(backported from commit 41b87599c74300027f305d7b34368ec558978ff2)
[juergh: Adjusted context.]
Signed-off-by: Juerg Haefliger <juergh@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
virt/kvm/arm/vgic/vgic.c diff | blob | blame | history
ubuntu-bionic-kernel mirror