proxmox-mirrors/mirror_ubuntu-kernels
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_ubuntu-kernels.git synced 2025-11-11 15:46:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
c5943b9c53
mirror_ubuntu-kernels/sound/pci/emu10k1
History
Gustavo A. R. Silva 5ae4f61f01 ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities 
ipcm->substream is indirectly controlled by user-space, hence leading to
a potential exploitation of the Spectre variant 1 vulnerability.

This issue was detected with the help of Smatch:

sound/pci/emu10k1/emufx.c:1031 snd_emu10k1_ipcm_poke() warn: potential spectre issue 'emu->fx8010.pcm' [r] (local cap)
sound/pci/emu10k1/emufx.c:1075 snd_emu10k1_ipcm_peek() warn: potential spectre issue 'emu->fx8010.pcm' [r] (local cap)

Fix this by sanitizing ipcm->substream before using it to index emu->fx8010.pcm

Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].

[1] https://marc.info/?l=linux-kernel&m=152449131114778&w=2

Cc: stable@vger.kernel.org
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2018-12-19 14:34:02 +01:00
..
emu10k1_callback.c ALSA: emu10k1: constify snd_emux_operators structure 2017-02-19 22:07:29 +01:00
emu10k1_main.c treewide: Use array_size() in vmalloc() 2018-06-12 16:19:22 -07:00
emu10k1_patch.c ALSA: emu10k1_patch: Use swap macro in snd_emu10k1_sample_new 2018-07-17 17:17:52 +02:00
emu10k1_synth_local.h [ALSA] Remove sound/driver.h 2008-01-31 17:29:48 +01:00
emu10k1_synth.c ALSA: seq: Define driver object in each driver 2015-02-12 14:15:54 +01:00
emu10k1.c ALSA: seq: Allow the modular sequencer registration 2017-06-12 08:43:33 +02:00
emu10k1x.c sound: Use octal not symbolic permissions 2018-05-28 11:27:20 +02:00
emufx.c ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities 2018-12-19 14:34:02 +01:00
emumixer.c ALSA: pci: constify snd_kcontrol_new structures 2017-02-21 22:01:21 +01:00
emumpu401.c ALSA: pci: Constify snd_rawmidi_ops 2017-01-12 12:50:26 +01:00
emupcm.c ALSA: emu10k1: Use SNDRV_PCM_INFO_SYNC_APPLPTR info flag 2018-09-04 12:13:34 +02:00
emuproc.c sound: Use octal not symbolic permissions 2018-05-28 11:27:20 +02:00
io.c ALSA: emu10k1: Fix possible NULL dereference 2014-03-05 12:15:56 +01:00
irq.c ALSA: emu10k1: Use standard printk helpers 2014-02-26 16:45:27 +01:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
memory.c ALSA: emu10k1: Rate-limit error messages about page errors 2018-05-17 20:02:23 +02:00
p16v.c treewide: Use array_size() in vmalloc() 2018-06-12 16:19:22 -07:00
p16v.h Fix common misspellings 2011-03-31 11:26:23 -03:00
p17v.h [ALSA] emu10k1: Add Audio capture support for Audigy 2 ZS Notebook. 2007-02-09 09:02:17 +01:00
timer.c ALSA: pci: remove __dev* attributes 2012-12-07 07:20:55 +01:00
tina2.h
voice.c ALSA: emu10k1: Use standard printk helpers 2014-02-26 16:45:27 +01:00