1. 20 Oct, 2018 35 commits
  2. 18 Oct, 2018 5 commits
    • Greg Kroah-Hartman's avatar
      Linux 4.14.77 · 8263087b
      Greg Kroah-Hartman authored
      8263087b
    • Jiri Olsa's avatar
      perf tools: Fix snprint warnings for gcc 8 · d0c9f9f9
      Jiri Olsa authored
      commit 77f18153
      
       upstream.
      
      With gcc 8 we get new set of snprintf() warnings that breaks the
      compilation, one example:
      
        tests/mem.c: In function ‘check’:
        tests/mem.c:19:48: error: ‘%s’ directive output may be truncated writing \
              up to 99 bytes into a region of size 89 [-Werror=format-truncation=]
          snprintf(failure, sizeof failure, "unexpected %s", out);
      
      The gcc docs says:
      
       To avoid the warning either use a bigger buffer or handle the
       function's return value which indicates whether or not its output
       has been truncated.
      
      Given that all these warnings are harmless, because the code either
      properly fails due to uncomplete file path or we don't care for
      truncated output at all, I'm changing all those snprintf() calls to
      scnprintf(), which actually 'checks' for the snprint return value so the
      gcc stays silent.
      Signed-off-by: default avatarJiri Olsa <jolsa@kernel.org>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com...
      d0c9f9f9
    • Russell King's avatar
      ARM: spectre-v1: mitigate user accesses · 57bff812
      Russell King authored
      Commit a3c0f847
      
       upstream.
      
      Spectre variant 1 attacks are about this sequence of pseudo-code:
      
      	index = load(user-manipulated pointer);
      	access(base + index * stride);
      
      In order for the cache side-channel to work, the access() must me made
      to memory which userspace can detect whether cache lines have been
      loaded.  On 32-bit ARM, this must be either user accessible memory, or
      a kernel mapping of that same user accessible memory.
      
      The problem occurs when the load() speculatively loads privileged data,
      and the subsequent access() is made to user accessible memory.
      
      Any load() which makes use of a user-maniplated pointer is a potential
      problem if the data it has loaded is used in a subsequent access.  This
      also applies for the access() if the data loaded by that access is used
      by a subsequent access.
      
      Harden the get_user() accessors against Spectre attacks by forcing out
      of bounds addresses to a NULL pointer.  This prevents get_user() being
      used as the load() step above.  As a side effect, put_user() will also
      be affected even though it isn't implicated.
      
      Also harden copy_from_user() by redoing the bounds check within the
      arm_copy_from_user() code, and NULLing the pointer if out of bounds.
      Acked-by: default avatarMark Rutland <mark.rutland@arm.com>
      Signed-off-by: default avatarRussell King <rmk+kernel@armlinux.org.uk>
      Signed-off-by: default avatarDavid A. Long <dave.long@linaro.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      57bff812
    • Russell King's avatar
      ARM: spectre-v1: use get_user() for __get_user() · 4a1948d6
      Russell King authored
      Commit b1cd0a14
      
       upstream.
      
      Fixing __get_user() for spectre variant 1 is not sane: we would have to
      add address space bounds checking in order to validate that the location
      should be accessed, and then zero the address if found to be invalid.
      
      Since __get_user() is supposed to avoid the bounds check, and this is
      exactly what get_user() does, there's no point having two different
      implementations that are doing the same thing.  So, when the Spectre
      workarounds are required, make __get_user() an alias of get_user().
      Acked-by: default avatarMark Rutland <mark.rutland@arm.com>
      Signed-off-by: default avatarRussell King <rmk+kernel@armlinux.org.uk>
      Signed-off-by: default avatarDavid A. Long <dave.long@linaro.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      4a1948d6
    • Russell King's avatar
      ARM: use __inttype() in get_user() · f64824a3
      Russell King authored
      Commit d09fbb32
      
       upstream.
      
      Borrow the x86 implementation of __inttype() to use in get_user() to
      select an integer type suitable to temporarily hold the result value.
      This is necessary to avoid propagating the volatile nature of the
      result argument, which can cause the following warning:
      
      lib/iov_iter.c:413:5: warning: optimization may eliminate reads and/or writes to register variables [-Wvolatile-register-var]
      Acked-by: default avatarMark Rutland <mark.rutland@arm.com>
      Signed-off-by: default avatarRussell King <rmk+kernel@armlinux.org.uk>
      Signed-off-by: default avatarDavid A. Long <dave.long@linaro.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      f64824a3