| Message ID | 01c904cae0a339aeb07d383f9f46526f5467b096.1530196995.git.juergh@canonical.com |
|---|---|
| State | New |
| Headers | show |
| Series | [SRU,Trusty,PULL] Prevent speculation on user controlled pointer (LP: #1775137) | expand |
ping. On 06/28/2018 04:47 PM, Juerg Haefliger wrote: > BugLink: https://bugs.launchpad.net/bugs/1775137 > > == SRU Justification == > Upstream's Spectre v1 mitigation prevents speculation on a user controlled > pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for > unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other > stable upstream kernels include it, so add it to our older kernels. > > == Fix == > Backport the following patches: > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > > == Regression Potential == > Low. Patches have been in upstream (and other distro kernels) for quite a while > now and the changes only introduce a barrier on copy_from_user operations. > > == Test Case == > TBD. > > Compile-tested all supported architectures. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > --- > > The following changes since commit 182dabb3ee807633a0a11e8bbac93a64d111fdd3: > > UBUNTU: SAUCE: filter: Use barrier_nospec() instead of osb() (2018-06-28 16:08:50 +0200) > > are available in the Git repository at: > > git://git.launchpad.net/~juergh/+git/trusty-linux lp1775137 > > for you to fetch changes up to 01c904cae0a339aeb07d383f9f46526f5467b096: > > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec (2018-06-28 16:41:27 +0200) > > ---------------------------------------------------------------- > Dan Williams (3): > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > > Linus Torvalds (2): > x86: reorganize SMAP handling in user space accesses > x86: fix SMAP in 32-bit environments > > arch/x86/include/asm/uaccess.h | 47 +++++++++++++++----- > arch/x86/include/asm/uaccess_32.h | 24 ++++++++++ > arch/x86/include/asm/uaccess_64.h | 94 +++++++++++++++++++++++++++------------ > arch/x86/lib/usercopy_32.c | 20 ++++----- > 4 files changed, 136 insertions(+), 49 deletions(-) >
On 28.06.2018 16:47, Juerg Haefliger wrote: > BugLink: https://bugs.launchpad.net/bugs/1775137 > > == SRU Justification == > Upstream's Spectre v1 mitigation prevents speculation on a user controlled > pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for > unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other > stable upstream kernels include it, so add it to our older kernels. > > == Fix == > Backport the following patches: > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > > == Regression Potential == > Low. Patches have been in upstream (and other distro kernels) for quite a while > now and the changes only introduce a barrier on copy_from_user operations. > > == Test Case == > TBD. > > Compile-tested all supported architectures. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > --- > > The following changes since commit 182dabb3ee807633a0a11e8bbac93a64d111fdd3: > > UBUNTU: SAUCE: filter: Use barrier_nospec() instead of osb() (2018-06-28 16:08:50 +0200) > > are available in the Git repository at: > > git://git.launchpad.net/~juergh/+git/trusty-linux lp1775137 > > for you to fetch changes up to 01c904cae0a339aeb07d383f9f46526f5467b096: > > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec (2018-06-28 16:41:27 +0200) > > ---------------------------------------------------------------- > Dan Williams (3): > x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec > x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} > x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec > > Linus Torvalds (2): > x86: reorganize SMAP handling in user space accesses > x86: fix SMAP in 32-bit environments > > arch/x86/include/asm/uaccess.h | 47 +++++++++++++++----- > arch/x86/include/asm/uaccess_32.h | 24 ++++++++++ > arch/x86/include/asm/uaccess_64.h | 94 +++++++++++++++++++++++++++------------ > arch/x86/lib/usercopy_32.c | 20 ++++----- > 4 files changed, 136 insertions(+), 49 deletions(-) > Acked-by: Stefan Bader <stefan.bader@canonical.com> Apart from not being able to always fully understand what is done things looked to be according to was was said in the commit messages. Maybe the only thing I was idly wondering was why half of it is backported from upstream and other things taken from 3.16.y. Of course this depends on the other pull request which I would hope gets re-sent after cleaning up. -Stefan
On 07/25/2018 04:04 PM, Stefan Bader wrote: > On 28.06.2018 16:47, Juerg Haefliger wrote: >> BugLink: https://bugs.launchpad.net/bugs/1775137 >> >> == SRU Justification == >> Upstream's Spectre v1 mitigation prevents speculation on a user controlled >> pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for >> unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other >> stable upstream kernels include it, so add it to our older kernels. >> >> == Fix == >> Backport the following patches: >> x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec >> x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} >> x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec >> >> == Regression Potential == >> Low. Patches have been in upstream (and other distro kernels) for quite a while >> now and the changes only introduce a barrier on copy_from_user operations. >> >> == Test Case == >> TBD. >> >> Compile-tested all supported architectures. >> >> Signed-off-by: Juerg Haefliger <juergh@canonical.com> >> --- >> >> The following changes since commit 182dabb3ee807633a0a11e8bbac93a64d111fdd3: >> >> UBUNTU: SAUCE: filter: Use barrier_nospec() instead of osb() (2018-06-28 16:08:50 +0200) >> >> are available in the Git repository at: >> >> git://git.launchpad.net/~juergh/+git/trusty-linux lp1775137 >> >> for you to fetch changes up to 01c904cae0a339aeb07d383f9f46526f5467b096: >> >> x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec (2018-06-28 16:41:27 +0200) >> >> ---------------------------------------------------------------- >> Dan Williams (3): >> x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec >> x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} >> x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec >> >> Linus Torvalds (2): >> x86: reorganize SMAP handling in user space accesses >> x86: fix SMAP in 32-bit environments >> >> arch/x86/include/asm/uaccess.h | 47 +++++++++++++++----- >> arch/x86/include/asm/uaccess_32.h | 24 ++++++++++ >> arch/x86/include/asm/uaccess_64.h | 94 +++++++++++++++++++++++++++------------ >> arch/x86/lib/usercopy_32.c | 20 ++++----- >> 4 files changed, 136 insertions(+), 49 deletions(-) >> > Acked-by: Stefan Bader <stefan.bader@canonical.com> > > Apart from not being able to always fully understand what is done things looked > to be according to was was said in the commit messages. Maybe the only thing I > was idly wondering was why half of it is backported from upstream and other > things taken from 3.16.y. I was cherry-picking from upstream if possible and only reverted to stable patches if necessary. I'll fix it up and resend a new PR (should be no code changes). ...Juerg > Of course this depends on the other pull request which I would hope gets re-sent > after cleaning up. > > -Stefan >
BugLink: https://bugs.launchpad.net/bugs/1775137 == SRU Justification == Upstream's Spectre v1 mitigation prevents speculation on a user controlled pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other stable upstream kernels include it, so add it to our older kernels. == Fix == Backport the following patches: x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec == Regression Potential == Low. Patches have been in upstream (and other distro kernels) for quite a while now and the changes only introduce a barrier on copy_from_user operations. == Test Case == TBD. Compile-tested all supported architectures. Signed-off-by: Juerg Haefliger <juergh@canonical.com> --- The following changes since commit 182dabb3ee807633a0a11e8bbac93a64d111fdd3: UBUNTU: SAUCE: filter: Use barrier_nospec() instead of osb() (2018-06-28 16:08:50 +0200) are available in the Git repository at: git://git.launchpad.net/~juergh/+git/trusty-linux lp1775137 for you to fetch changes up to 01c904cae0a339aeb07d383f9f46526f5467b096: x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec (2018-06-28 16:41:27 +0200) ---------------------------------------------------------------- Dan Williams (3): x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec Linus Torvalds (2): x86: reorganize SMAP handling in user space accesses x86: fix SMAP in 32-bit environments arch/x86/include/asm/uaccess.h | 47 +++++++++++++++----- arch/x86/include/asm/uaccess_32.h | 24 ++++++++++ arch/x86/include/asm/uaccess_64.h | 94 +++++++++++++++++++++++++++------------ arch/x86/lib/usercopy_32.c | 20 ++++----- 4 files changed, 136 insertions(+), 49 deletions(-)