redonkable
/
remarkable-linux
1
0
Fork 0
Code Releases Activity
remarkable-linux/arch/arm/include/asm
History
Russell King 57bff812c4 ARM: spectre-v1: mitigate user accesses 
Commit a3c0f84765 upstream.

Spectre variant 1 attacks are about this sequence of pseudo-code:

	index = load(user-manipulated pointer);
	access(base + index * stride);

In order for the cache side-channel to work, the access() must me made
to memory which userspace can detect whether cache lines have been
loaded.  On 32-bit ARM, this must be either user accessible memory, or
a kernel mapping of that same user accessible memory.

The problem occurs when the load() speculatively loads privileged data,
and the subsequent access() is made to user accessible memory.

Any load() which makes use of a user-maniplated pointer is a potential
problem if the data it has loaded is used in a subsequent access.  This
also applies for the access() if the data loaded by that access is used
by a subsequent access.

Harden the get_user() accessors against Spectre attacks by forcing out
of bounds addresses to a NULL pointer.  This prevents get_user() being
used as the load() step above.  As a side effect, put_user() will also
be affected even though it isn't implicated.

Also harden copy_from_user() by redoing the bounds check within the
arm_copy_from_user() code, and NULLing the pointer if out of bounds.

Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: David A. Long <dave.long@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2018-10-18 09:16:28 +02:00
..
hardware License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mach ARM/PCI: Convert PCI scan API to pci_scan_root_bus_bridge() 2017-06-28 15:13:55 -05:00
xen License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kbuild ARM: 8715/1: add a private asm/unaligned.h 2017-10-24 10:33:23 +01:00
arch_gicv3.h irqchip/gic-v3-its: Add VPE interrupt masking 2017-08-31 15:31:38 +01:00
arch_timer.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
arm-cci.h
asm-offsets.h
assembler.h ARM: spectre-v1: mitigate user accesses 2018-10-18 09:16:28 +02:00
atomic.h locking/atomic: Remove linux/atomic.h:atomic_fetch_or() 2016-06-16 10:48:32 +02:00
auxvec.h
bL_switcher.h
barrier.h ARM: spectre-v1: add array_index_mask_nospec() implementation 2018-10-18 09:16:27 +02:00
bitops.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
bitrev.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
bug.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
bugs.h ARM: bugs: hook processor bug checking into SMP and suspend paths 2018-10-18 09:16:26 +02:00
cache.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
cacheflush.h randstruct: opt-out externally exposed function pointer structs 2017-06-30 12:00:52 -07:00
cachetype.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
checksum.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
clocksource.h arm/arm64: arch_timer: Use archdata to indicate vdso suitability 2016-09-23 17:19:25 +01:00
cmpxchg.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
compiler.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
cp15.h ARM: spectre-v2: harden user aborts in kernel space 2018-10-18 09:16:26 +02:00
cpu.h
cpufeature.h ARM: 8663/1: wire up HWCAP/HWCAP2 feature bits to the CPU modalias 2017-03-30 19:45:52 +01:00
cpuidle.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
cputype.h ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs 2018-10-18 09:16:25 +02:00
cti.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dcc.h
delay.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
device.h ARM: dma-mapping: Don't tear down third-party mappings 2017-05-30 11:31:33 +02:00
div64.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dma-contiguous.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dma-iommu.h kmemcheck: remove annotations 2018-02-22 15:42:23 +01:00
dma-mapping.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dma.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dmi.h efi/arm: Enable DMI/SMBIOS 2017-06-05 17:50:44 +02:00
domain.h ARM: 8573/1: domain: move {set,get}_domain under config guard 2016-05-05 19:03:02 +01:00
ecard.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
edac.h
efi.h efi/arm-stub: Correct FDT and initrd allocation rules for arm64 2017-04-05 12:27:23 +02:00
elf.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
entry-macro-multi.S License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
exception.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fb.h
fiq.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
firmware.h
fixmap.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
flat.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
floppy.h ARM: 8584/1: floppy: avoid gcc-6 warning 2016-07-02 11:02:13 +01:00
fncpy.h
fpstate.h
ftrace.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
futex.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
glue-cache.h ARM: 8607/1: V7M: Wire up caches for V7M processors with cache support. 2016-09-06 15:51:08 +01:00
glue-df.h
glue-pf.h
glue-proc.h
glue.h
gpio.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hardirq.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
highmem.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hugetlb-3level.h
hugetlb.h
hw_breakpoint.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hw_irq.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hwcap.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hypervisor.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ide.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
idmap.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
insn.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
io.h ARM: Implement pci_remap_cfgspace() interface 2017-04-24 13:53:13 -05:00
irq.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
irq_work.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
irqflags.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
jump_label.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
kexec.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
kgdb.h ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size 2018-07-03 11:24:51 +02:00
kmap_types.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
kprobes.h kprobes: move kprobe declarations to asm-generic/kprobes.h 2017-02-27 18:43:45 -08:00
kvm_arm.h arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one 2017-12-14 09:53:00 +01:00
kvm_asm.h ARM: KVM: invalidate BTB on guest exit for Cortex-A12/A17 2018-10-18 09:16:27 +02:00
kvm_coproc.h KVM: arm: plug potential guest hardware debug leakage 2017-05-15 14:29:19 +02:00
kvm_emulate.h KVM: arm/arm64: Fix guest external abort matching 2017-09-05 17:33:37 +02:00
kvm_host.h ARM: KVM: report support for SMCCC_ARCH_WORKAROUND_1 2018-10-18 09:16:27 +02:00
kvm_hyp.h ARM: KVM: move asmlinkage before type 2017-07-12 16:26:04 -07:00
kvm_mmio.h KVM: arm/arm64: Export mmio_read/write_bus 2016-05-20 15:39:42 +02:00
kvm_mmu.h ARM: spectre-v2: KVM: invalidate icache on guest exit for Brahma B15 2018-10-18 09:16:27 +02:00
limits.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
linkage.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mc146818rtc.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mcpm.h
mcs_spinlock.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
memblock.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
memory.h ARM: 8648/2: nommu: display vectors base 2017-02-28 11:06:14 +00:00
mmu.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mmu_context.h sched/headers: Prepare to remove the <linux/mm_types.h> dependency from <linux/sched.h> 2017-03-02 08:42:37 +01:00
module.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mpu.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mtd-xip.h
neon.h
nwflash.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
opcodes-sec.h
opcodes-virt.h
opcodes.h
outercache.h
page-nommu.h ARM: 8684/1: NOMMU: Remove unused KTHREAD_SIZE definition 2017-06-27 14:58:10 +01:00
page.h
paravirt.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
patch.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pci.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
percpu.h
perf_event.h
pgalloc.h kmemcheck: stop using GFP_NOTRACK and SLAB_NOTRACK 2018-02-22 15:42:23 +01:00
pgtable-2level-hwdef.h ARM: 8612/1: LPAE: initialize cache policy correctly 2016-09-12 12:12:30 +01:00
pgtable-2level-types.h
pgtable-2level.h ARM: 8578/1: mm: ensure pmd_present only checks the valid bit 2016-06-09 17:51:47 +01:00
pgtable-3level-hwdef.h ARM: 8612/1: LPAE: initialize cache policy correctly 2016-09-12 12:12:30 +01:00
pgtable-3level-types.h
pgtable-3level.h ARM: 8579/1: mm: Fix definition of pmd_mknotpresent 2016-06-09 17:51:47 +01:00
pgtable-hwdef.h
pgtable-nommu.h ARM: 8676/1: NOMMU: provide pgprot_device() macro 2017-06-05 10:29:40 +01:00
pgtable.h arch, mm: convert all architectures to use 5level-fixup.h 2017-03-09 11:48:47 -08:00
probes.h
proc-fns.h ARM: bugs: add support for per-processor bug checking 2018-10-18 09:16:26 +02:00
processor.h locking/core: Provide common cpu_relax_yield() definition 2016-11-17 08:17:36 +01:00
procinfo.h
prom.h
psci.h ARM: SoC cleanups for v4.5 2016-01-20 17:55:20 -08:00
ptrace.h linux/compiler.h: Split into compiler.h and compiler_types.h 2017-12-25 14:26:33 +01:00
sections.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
set_memory.h treewide: move set_memory_* functions away from cacheflush.h 2017-05-08 17:15:13 -07:00
setup.h ARM: 8495/1: ATAGS: move save_atags() to arch/arm/include/asm/setup.h 2016-01-04 11:26:00 +00:00
shmparam.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
signal.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
smp.h ARM: 8423/1: add const qualifier to smp_operations member in structures 2015-09-22 08:13:57 +01:00
smp_plat.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
smp_scu.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
smp_twd.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sparsemem.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
spinlock.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
spinlock_types.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
stackprotector.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
stacktrace.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
stage2_pgtable.h kvm-arm: arm32: Introduce stage2 page table helpers 2016-04-21 14:57:26 +02:00
string.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
suspend.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
swab.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
switch_to.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sync_bitops.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
syscall.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
system_info.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
system_misc.h ARM: spectre-v2: harden user aborts in kernel space 2018-10-18 09:16:26 +02:00
tcm.h
therm.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
thread_info.h ARM: vfp: use __copy_from_user() when restoring VFP state 2018-10-18 09:16:28 +02:00
thread_notify.h
timex.h
tlb.h mm: fix MADV_[FREE|DONTNEED] TLB flush miss problem 2017-08-10 15:54:07 -07:00
tlbflush.h sched/headers: Prepare to remove the <linux/mm_types.h> dependency from <linux/sched.h> 2017-03-02 08:42:37 +01:00
tls.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
topology.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
traps.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trusted_foundations.h treewide: remove redundant #include <linux/kconfig.h> 2016-10-11 15:06:33 -07:00
uaccess.h ARM: spectre-v1: use get_user() for __get_user() 2018-10-18 09:16:28 +02:00
ucontext.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
unaligned.h ARM: 8715/1: add a private asm/unaligned.h 2017-10-24 10:33:23 +01:00
unified.h
unistd.h ARM: wire up new pkey syscalls 2016-10-19 10:18:47 +01:00
unwind.h
uprobes.h
user.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
v7m.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vdso.h ARM: 8748/1: mm: Define vdso_start, vdso_end as array 2018-05-30 07:52:20 +02:00
vdso_datapage.h
vfp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vfpmacros.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vga.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
virt.h ARM: hyp-stub/KVM: Kill __hyp_get_vectors 2017-04-09 07:49:34 -07:00
word-at-a-time.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xor.h