admin/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2025-12-07 20:06:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
af86ca4e3088fe5eacf2f7e58c01fa68ca067672
linux/kernel
History
Alexei Starovoitov af86ca4e30 bpf: Prevent memory disambiguation attack 
Detect code patterns where malicious 'speculative store bypass' can be used
and sanitize such patterns.

 39: (bf) r3 = r10
 40: (07) r3 += -216
 41: (79) r8 = *(u64 *)(r7 +0)   // slow read
 42: (7a) *(u64 *)(r10 -72) = 0  // verifier inserts this instruction
 43: (7b) *(u64 *)(r8 +0) = r3   // this store becomes slow due to r8
 44: (79) r1 = *(u64 *)(r6 +0)   // cpu speculatively executes this load
 45: (71) r2 = *(u8 *)(r1 +0)    // speculatively arbitrary 'load byte'
                                 // is now sanitized

Above code after x86 JIT becomes:
 e5: mov    %rbp,%rdx
 e8: add    $0xffffffffffffff28,%rdx
 ef: mov    0x0(%r13),%r14
 f3: movq   $0x0,-0x48(%rbp)
 fb: mov    %rdx,0x0(%r14)
 ff: mov    0x0(%rbx),%rdi
103: movzbq 0x0(%rdi),%rsi

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2018-05-19 20:44:24 +02:00
..
bpf
bpf: Prevent memory disambiguation attack
2018-05-19 20:44:24 +02:00
cgroup
Merge branch 'for-4.17' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
2018-04-03 18:00:13 -07:00
configs
Merge tag 'kvm-4.16-1' of git://git.kernel.org/pub/scm/virt/kvm/kvm
2018-02-10 13:16:35 -08:00
debug
Merge tag 'for_linus-4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/jwessel/kgdb
2018-04-12 10:21:19 -07:00
events
perf: Remove superfluous allocation error check
2018-04-17 09:47:40 -03:00
gcov
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
irq
genirq/affinity: Spread irq vectors among present CPUs as far as possible
2018-04-06 12:19:51 +02:00
livepatch
livepatch: Allow to call a custom callback when freeing shadow variables
2018-04-17 13:42:48 +02:00
locking
locking/rwsem: Add DEBUG_RWSEMS to look for lock/unlock mismatches
2018-03-31 07:30:50 +02:00
power
PM / QoS: mark expected switch fall-throughs
2018-04-09 13:49:40 +02:00
printk
Merge tag 'trace-v4.17' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
2018-04-10 11:27:30 -07:00
rcu
Merge branches 'fixes.2018.02.23a', 'srcu.2018.02.20a' and 'torture.2018.02.20a' into HEAD
2018-02-23 15:15:41 -08:00
sched
Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-04-15 12:43:30 -07:00
time
Revert: Unify CLOCK_MONOTONIC and CLOCK_BOOTTIME
2018-04-26 14:53:32 +02:00
trace
Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-04-29 09:03:25 -07:00
.gitignore
acct.c
kernel/acct.c: fix the acct->needcheck check in check_free_space()
2018-01-04 16:45:09 -08:00
async.c
kernel/async.c: revert "async: simplify lowest_in_progress()"
2018-02-06 18:32:44 -08:00
audit_fsnotify.c
audit_tree.c
audit: track the owner of the command mutex ourselves
2018-02-23 11:22:22 -05:00
audit_watch.c
Merge tag 'audit-pr-20170816' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
2017-08-16 16:48:34 -07:00
audit.c
Merge tag 'audit-pr-20180403' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
2018-04-06 15:01:25 -07:00
audit.h
audit: track the owner of the command mutex ourselves
2018-02-23 11:22:22 -05:00
auditfilter.c
audit: deprecate the AUDIT_FILTER_ENTRY filter
2018-02-15 14:36:29 -05:00
auditsc.c
audit: bail before bug check if audit disabled
2018-02-15 14:40:25 -05:00
backtracetest.c
bounds.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
capability.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
compat.c
mm: add kernel_move_pages() helper, move compat syscall to mm/migrate.c
2018-04-02 20:15:32 +02:00
configs.c
context_tracking.c
cpu_pm.c
PM / CPU: replace raw_notifier with atomic_notifier
2017-07-31 13:09:49 +02:00
cpu.c
cpu/hotplug: Fix unused function warning
2018-03-15 20:34:40 +01:00
crash_core.c
kexec: export PG_swapbacked to VMCOREINFO
2018-04-13 17:10:27 -07:00
crash_dump.c
cred.c
delayacct.c
delayacct: Account blkio completion on the correct task
2018-01-16 03:29:36 +01:00
dma.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
elfcore.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
exec_domain.c
get rid of pointless includes of fs_struct.h
2018-02-22 14:28:50 -05:00
exit.c
kernel: use kernel_wait4() instead of sys_wait4()
2018-04-02 20:14:51 +02:00
extable.c
extable: Make init_kernel_text() global
2018-02-21 16:54:06 +01:00
fail_function.c
error-injection: Fix to prohibit jump optimization
2018-03-12 16:16:00 +01:00
fork.c
fork: unconditionally clear stack on fork
2018-04-20 17:18:35 -07:00
freezer.c
futex_compat.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
futex.c
pids: introduce find_get_task_by_vpid() helper
2018-02-06 18:32:46 -08:00
groups.c
kernel: make groups_sort calling a responsibility group_info allocators
2017-12-14 16:00:49 -08:00
hung_task.c
irq_work.c
irq/work: Improve the flag definitions
2018-01-08 19:43:15 +01:00
jump_label.c
jump_label: Disable jump labels in __exit code
2018-03-20 08:57:17 +01:00
kallsyms.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/pmladek/printk
2018-02-01 13:36:15 -08:00
kcmp.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c
kcov: detect double association with a single task
2018-02-06 18:32:46 -08:00
kexec_core.c
x86/mm, kexec: Allow kexec to be used with SME
2017-07-18 11:38:04 +02:00
kexec_file.c
kernel/kexec_file.c: allow archs to set purgatory load address
2018-04-13 17:10:28 -07:00
kexec_internal.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
kexec.c
kexec: call do_kexec_load() in compat syscall directly
2018-04-02 20:15:01 +02:00
kmod.c
kmod: move #ifdef CONFIG_MODULES wrapper to Makefile
2017-09-08 18:26:51 -07:00
kprobes.c
kprobes: Fix random address output of blacklist file
2018-04-25 10:27:56 -04:00
ksysfs.c
kexec: move vmcoreinfo out of the kernel's .bss section
2017-07-12 16:25:59 -07:00
kthread.c
treewide: Remove TIMER_FUNC_TYPE and TIMER_DATA_TYPE casts
2017-11-21 16:35:54 -08:00
latencytop.c
Makefile
error-injection: Support fault injection framework
2018-01-12 17:33:38 -08:00
memremap.c
kernel/memremap: Remove stale devres_free() call
2018-03-06 10:58:54 -08:00
module_signing.c
module-internal.h
module.c
module: Fix display of wrong module .text address
2018-04-18 22:59:46 +02:00
notifier.c
nsproxy.c
padata.c
padata: add SPDX identifier
2018-01-05 18:43:00 +11:00
panic.c
taint: add taint for randstruct
2018-04-11 10:28:35 -07:00
params.c
kernel/params.c: downgrade warning for unsafe parameters
2018-04-11 10:28:37 -07:00
pid_namespace.c
Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2018-04-03 19:15:32 -07:00
pid.c
xarray: add the xa_lock to the radix_tree_root
2018-04-11 10:28:39 -07:00
profile.c
ptrace.c
pids: introduce find_get_task_by_vpid() helper
2018-02-06 18:32:46 -08:00
range.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
reboot.c
kernel/reboot.c: add devm_register_reboot_notifier()
2017-11-17 16:10:04 -08:00
relay.c
kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
2018-02-21 15:35:43 -08:00
resource.c
resource: fix integer overflow at reallocation
2018-04-13 17:10:27 -07:00
seccomp.c
seccomp: Move speculation migitation control to arch code
2018-05-05 00:51:44 +02:00
signal.c
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
2018-04-07 11:11:41 -07:00
smp.c
smp/core: Use lockdep to assert IRQs are disabled/enabled
2017-11-08 11:13:50 +01:00
smpboot.c
watchdog/core, powerpc: Lock cpus across reconfiguration
2017-10-04 10:53:54 +02:00
smpboot.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
softirq.c
softirq: Consolidate common code in tasklet_[hi]_action()
2018-03-09 11:50:55 +01:00
stacktrace.c
stop_machine.c
sys_ni.c
syscalls/core: Prepare CONFIG_ARCH_HAS_SYSCALL_WRAPPER=y for compat syscalls
2018-04-05 16:59:38 +02:00
sys.c
nospec: Allow getting/setting on non-current task
2018-05-03 13:55:51 +02:00
sysctl_binary.c
staging: irda: remove remaining remants of irda code removal
2018-04-16 11:26:49 +02:00
sysctl.c
kernel/sysctl.c: add kdoc comments to do_proc_do{u}intvec_minmax_conv_param
2018-04-11 10:28:38 -07:00
task_work.c
locking/barriers: Convert users of lockless_dereference() to READ_ONCE()
2017-12-17 13:57:15 +01:00
taskstats.c
pids: introduce find_get_task_by_vpid() helper
2018-02-06 18:32:46 -08:00
test_kprobes.c
kprobes: Disable the jprobes test code
2017-10-20 11:02:54 +02:00
torture.c
torture: Save a line in stutter_wait(): while -> for
2017-12-11 09:18:30 -08:00
tracepoint.c
tracepoint: Remove smp_read_barrier_depends() from comment
2017-12-04 10:52:56 -08:00
tsacct.c
ucount.c
headers: untangle kmemleak.h from mm.h
2018-04-05 21:36:27 -07:00
uid16.c
fs: add do_fchownat(), ksys_fchown() helpers and ksys_{,l}chown() wrappers
2018-04-02 20:15:59 +02:00
uid16.h
kernel: provide ksys_*() wrappers for syscalls called by kernel/uid16.c
2018-04-02 20:15:30 +02:00
umh.c
kernel: use kernel_wait4() instead of sys_wait4()
2018-04-02 20:14:51 +02:00
up.c
smp: Avoid using two cache lines for struct call_single_data
2017-08-29 15:14:38 +02:00
user_namespace.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2017-11-16 12:20:15 -08:00
user-return-notifier.c
user.c
efivarfs: Limit the rate for non-root to read files
2018-02-22 10:21:02 -08:00
utsname_sysctl.c
utsname.c
uts: create "struct uts_namespace" from kmem_cache
2018-04-11 10:28:35 -07:00
watchdog_hld.c
Merge branch 'linus' into core/urgent, to pick up dependent commits
2017-11-04 08:53:04 +01:00
watchdog.c
Merge branch 'linus' into sched/core, to pick up fixes
2017-11-08 10:17:15 +01:00
workqueue_internal.h
Merge branch 'for-4.14-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
2017-11-06 12:26:49 -08:00
workqueue.c
Merge branch 'for-4.17' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
2018-04-03 18:00:13 -07:00