24 Feb
2023
24 Feb
'23
9:56 a.m.
On Fri, Feb 24, 2023 at 10:13:45AM +0100, Daniel Borkmann wrote:
On 2/23/23 2:04 PM, Greg Kroah-Hartman wrote:
From: Dave Hansen dave.hansen@linux.intel.com
commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 upstream.
The results of "access_ok()" can be mis-speculated. The result is that you can end speculatively:
if (access_ok(from, size)) // Right here
even for bad from/size combinations. On first glance, it would be ideal to just add a speculation barrier to "access_ok()" so that its results can never be mis-speculated.
Keep in mind this also needs commit f3dd0c53370e ("bpf: add missing header file include") as follow-up everywhere you queue this one.
Already queued up in the -rc2 releases, thanks!
greg k-h