Re: [PATCH] mm/slab_common.c: fix possible spectre-v1 in kmalloc_slab()

From: Alexey Dobriyan
Date: Wed May 29 2019 - 16:34:40 EST

Next message: Jens Axboe: "Re: [PATCH] block: fix a crash in do_task_dead()"
Previous message: Eric Biggers: "Re: [PATCH] crypto: gcm - fix cacheline sharing"
In reply to: Dianzhang Chen: "Re: [PATCH] mm/slab_common.c: fix possible spectre-v1 in kmalloc_slab()"
Next in thread: Matthew Wilcox: "Re: [PATCH] mm/slab_common.c: fix possible spectre-v1 in kmalloc_slab()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I think it makes more sense to sanitize size in size_index_elem(),
> don't you?

> - return (bytes - 1) / 8;
> + return array_index_nospec((bytes - 1) / 8, ARRAY_SIZE(size_index));

I think it should be fixed in poll.
Literally every small variable kmalloc call is going through this function.

Next message: Jens Axboe: "Re: [PATCH] block: fix a crash in do_task_dead()"
Previous message: Eric Biggers: "Re: [PATCH] crypto: gcm - fix cacheline sharing"
In reply to: Dianzhang Chen: "Re: [PATCH] mm/slab_common.c: fix possible spectre-v1 in kmalloc_slab()"
Next in thread: Matthew Wilcox: "Re: [PATCH] mm/slab_common.c: fix possible spectre-v1 in kmalloc_slab()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]