Message ID | 1519908862-11425-17-git-send-email-alex.shi@linaro.org |
---|---|
State | New |
Headers | show
Delivered-To: patch@linaro.org Received: by 10.80.172.228 with SMTP id x91csp2762063edc; Thu, 1 Mar 2018 04:57:27 -0800 (PST) X-Google-Smtp-Source: AG47ELszMOJ2RuKi3YxdN90oJW1Z1KfzKiOOfFbRIp3g2LkfEvxfREROdJz2bDP1Yueu9ZIxFYEM X-Received: by 2002:a17:902:4827:: with SMTP id s36-v6mr1834533pld.269.1519909047375; Thu, 01 Mar 2018 04:57:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519909047; cv=none; d=google.com; s=arc-20160816; b=WVBsazIUFTzmRPZrOGdQlIR4QWCC9Q1tNiy/Ut01ncBoANlsRksxSq9ZZidN+5jW7s g7jvE/0ZRnkldz6deyHmZls/GN/RZkjKWup1wZMsn3KXJ3+Ht82BIVFeTaxkog/DpuwH d9QY71AFSVCxB4OvmkMi6167lvEZngD8U00luyVDoRXb6KXw8L8neU/2L8GthjrJiU2W Zi18TXqXJ2tkeHcmrzoernOGiTij5UYyqw6UEHXYjiuycse+QkyREWC2kr2VV7fNpI/n eKoKHwBA4TQ8vBdHjtAR+VD1iBLdJNZjFBANWf0t8parZJ1eWN0vwZ1kpZlEsxmUodK7 Sdow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=RdpE7iykfSRyUHlyiTypUt5pG2kDjHqgdWq/qtP7cnM=; b=Xp+pDzZOSpk3nRnN3JW0LEQttWlBF1gSWvRVpeQS1+rS1v7JuF5Z6o/hBqIZsIqtG1 jMQN2w60Re4zfYp10hK0clvGVWaELcL1HeM4hyErvKwHl2mkrVlvy1X0wmzrKvX7gnDL lm/MtJBH9n5V3Wmrx5/YsD89UeS2ULX6KP4AWTPifFsSgSHeOCRLxyy92H285vASMiTW zVtuRcyz9K4x/iI2jHwmAjGPJhnDEz03OhfcOHW1Tmw/PWrZJ0DHGH2U73tFVJ4y+jl7 5cIY5ta5u7BPfJdU50QINsPH6U11b/ypQlanIck52BSmFboF1GWirls1pKZIxylFWkT0 nhVg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=UCUlHyYS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: <linux-kernel-owner@vger.kernel.org> Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w2-v6si84737plq.739.2018.03.01.04.57.27; Thu, 01 Mar 2018 04:57:27 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=UCUlHyYS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1030854AbeCAM5X (ORCPT <rfc822; dan.rue@linaro.org> + 28 others); Thu, 1 Mar 2018 07:57:23 -0500 Received: from mail-pf0-f193.google.com ([209.85.192.193]:40556 "EHLO mail-pf0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1030790AbeCAM5S (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Thu, 1 Mar 2018 07:57:18 -0500 Received: by mail-pf0-f193.google.com with SMTP id x1so522983pfh.7 for <linux-kernel@vger.kernel.org>; Thu, 01 Mar 2018 04:57:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=RdpE7iykfSRyUHlyiTypUt5pG2kDjHqgdWq/qtP7cnM=; b=UCUlHyYShZhZO4lfFa0NSZDxFqINN4HY50VWrgVssgdPoAFqIFx9sn76t1qw56t96d OZer8JiD+RjYGmlrjepmvtkjyg2Spy9b7GLzelTP1SWvbb9ADMxuYP3VstOaX1SnioSj EAtU7FAuZ82qqAxUMPeznAZ5FRz5GWy38zN4U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=RdpE7iykfSRyUHlyiTypUt5pG2kDjHqgdWq/qtP7cnM=; b=CRSGjNCHeGLMSfHYDA12cE5de0THeG45PmofXy9hmX00/oWYiMaLO6r33yHBMCB9mG RQoRkifdXlHc0qt+T6eNN+kkYWEy6VXC/zEOn+of1dY5rEOs9NgABWA1tr93eN6XVnnh gSqp3NGKoSgC/BCDLSvMzI3vVX5OonFquTIVqV/wH9R4BLH6uvvXGVE4nCvXaoyfmD4n GehCImRfcC0T1EH6Gj7wQTqEgMe4/adLA5Jb2gJ/K6EDydCVMfU5FDlvUvi33kTATuUT 3hV+LGr1cneaCVcNBbFeR+H1gAhjeeBaczcsv0ywbnz8qFM8dgq4AxLsXUvLkykTouIe 03/A== X-Gm-Message-State: APf1xPA/NG1FlIAmuRnc0XxxwOn3sOncEYv3HkKdE1hinmBvBaPmpWLp 75eOUKiw9ywfYJCIx5eVvU6Z2gqqSNE= X-Received: by 10.98.35.68 with SMTP id j65mr1851262pfj.5.1519909037479; Thu, 01 Mar 2018 04:57:17 -0800 (PST) Received: from localhost.localdomain (176.122.172.82.16clouds.com. [176.122.172.82]) by smtp.gmail.com with ESMTPSA id x4sm2289655pfb.46.2018.03.01.04.57.09 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 01 Mar 2018 04:57:16 -0800 (PST) From: Alex Shi <alex.shi@linaro.org> To: Marc Zyngier <marc.zyngier@arm.com>, Will Deacon <will.deacon@arm.com>, Ard Biesheuvel <ard.biesheuvel@linaro.org>, Catalin Marinas <catalin.marinas@arm.com>, stable@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org Cc: Alex Shi <alex.shi@linaro.org> Subject: [PATCH 16/45] arm64: futex: Mask __user pointers prior to dereference Date: Thu, 1 Mar 2018 20:53:53 +0800 Message-Id: <1519908862-11425-17-git-send-email-alex.shi@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1519908862-11425-1-git-send-email-alex.shi@linaro.org> References: <1519908862-11425-1-git-send-email-alex.shi@linaro.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org |
Series |
arm Spectre fix backport review for LTS 4.9
|
expand
|
diff --git a/arch/arm64/include/asm/futex.h b/arch/arm64/include/asm/futex.h index 85c4a89..1943cf6 100644 --- a/arch/arm64/include/asm/futex.h +++ b/arch/arm64/include/asm/futex.h @@ -48,13 +48,14 @@ do { \ } while (0) static inline int -futex_atomic_op_inuser (int encoded_op, u32 __user *uaddr) +futex_atomic_op_inuser (int encoded_op, u32 __user *_uaddr) { int op = (encoded_op >> 28) & 7; int cmp = (encoded_op >> 24) & 15; int oparg = (encoded_op << 8) >> 20; int cmparg = (encoded_op << 20) >> 20; int oldval = 0, ret, tmp; + u32 __user *uaddr = __uaccess_mask_ptr(_uaddr); if (encoded_op & (FUTEX_OP_OPARG_SHIFT << 28)) oparg = 1 << oparg; @@ -106,15 +107,17 @@ futex_atomic_op_inuser (int encoded_op, u32 __user *uaddr) } static inline int -futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, +futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *_uaddr, u32 oldval, u32 newval) { int ret = 0; u32 val, tmp; + u32 __user *uaddr; - if (!access_ok(VERIFY_WRITE, uaddr, sizeof(u32))) + if (!access_ok(VERIFY_WRITE, _uaddr, sizeof(u32))) return -EFAULT; + uaddr = __uaccess_mask_ptr(_uaddr); uaccess_enable(); asm volatile("// futex_atomic_cmpxchg_inatomic\n" " prfm pstl1strm, %2\n"