On Fri, Aug 08, 2025 at 01:11:20PM +0200, Jacek Lawrynowicz wrote:
Fix potential Spectre vulnerability in repoted by smatch: warn: potential spectre issue 'vdev->hw->hws.grace_period' [w] (local cap) warn: potential spectre issue 'vdev->hw->hws.process_grace_period' [w] (local cap) warn: potential spectre issue 'vdev->hw->hws.process_quantum' [w] (local cap)
The priority_bands_fops_write() function in ivpu_debugfs.c uses an index 'band' derived from user input. This index is used to write to the vdev->hw->hws.grace_period, vdev->hw->hws.process_grace_period, and vdev->hw->hws.process_quantum arrays.
This pattern presented a potential Spectre Variant 1 (Bounds Check Bypass) vulnerability. An attacker-controlled 'band' value could theoretically lead to speculative out-of-bounds array writes if the CPU speculatively executed these assignments before the bounds check on 'band' was fully resolved.
You do know that debugfs access is restricted to root access only, so spectre issues are the least of your worries if you have root :)
That being said, no real objection from me for this, but there's probably a metric-ton of these in other debugfs files if you want to start whacking away at them...
thanks,
greg k-h