From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Dan Carpenter <dan.carpenter@oracle.com>,
"Peter Zijlstra (Intel)" <peterz@infradead.org>,
Alexander Shishkin <alexander.shishkin@linux.intel.com>,
Arnaldo Carvalho de Melo <acme@redhat.com>,
Jiri Olsa <jolsa@redhat.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Stephane Eranian <eranian@google.com>,
Thomas Gleixner <tglx@linutronix.de>,
Vince Weaver <vincent.weaver@maine.edu>,
Ingo Molnar <mingo@kernel.org>
Subject: [PATCH 4.9 36/36] perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
Date: Mon, 14 May 2018 08:49:10 +0200 [thread overview]
Message-ID: <20180514064807.048279765@linuxfoundation.org> (raw)
In-Reply-To: <20180514064804.252823817@linuxfoundation.org>
4.9-stable review patch. If anyone has any objections, please let me know.
------------------
From: Peter Zijlstra <peterz@infradead.org>
commit 46b1b577229a091b137831becaa0fae8690ee15a upstream.
> arch/x86/events/intel/cstate.c:307 cstate_pmu_event_init() warn: potential spectre issue 'pkg_msr' (local cap)
> arch/x86/events/intel/core.c:337 intel_pmu_event_map() warn: potential spectre issue 'intel_perfmon_event_map'
> arch/x86/events/intel/knc.c:122 knc_pmu_event_map() warn: potential spectre issue 'knc_perfmon_event_map'
> arch/x86/events/intel/p4.c:722 p4_pmu_event_map() warn: potential spectre issue 'p4_general_events'
> arch/x86/events/intel/p6.c:116 p6_pmu_event_map() warn: potential spectre issue 'p6_perfmon_event_map'
> arch/x86/events/amd/core.c:132 amd_pmu_event_map() warn: potential spectre issue 'amd_perfmon_event_map'
Userspace controls @attr, sanitize @attr->config before passing it on
to x86_pmu::event_map().
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: <stable@kernel.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/x86/events/core.c | 3 +++
1 file changed, 3 insertions(+)
--- a/arch/x86/events/core.c
+++ b/arch/x86/events/core.c
@@ -26,6 +26,7 @@
#include <linux/cpu.h>
#include <linux/bitops.h>
#include <linux/device.h>
+#include <linux/nospec.h>
#include <asm/apic.h>
#include <asm/stacktrace.h>
@@ -423,6 +424,8 @@ int x86_setup_perfctr(struct perf_event
if (attr->config >= x86_pmu.max_events)
return -EINVAL;
+ attr->config = array_index_nospec((unsigned long)attr->config, x86_pmu.max_events);
+
/*
* The generic map:
*/
next prev parent reply other threads:[~2018-05-14 6:49 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-14 6:48 [PATCH 4.9 00/36] 4.9.100-stable review Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 01/36] ipvs: fix rtnl_lock lockups caused by start_sync_thread Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 02/36] IB/device: Convert ib-comp-wq to be CPU-bound Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 03/36] kcm: Call strp_stop before strp_done in kcm_attach Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 04/36] crypto: af_alg - fix possible uninit-value in alg_bind() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 05/36] netlink: fix uninit-value in netlink_sendmsg Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 06/36] net: fix rtnh_ok() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 07/36] net: initialize skb->peeked when cloning Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 08/36] net: fix uninit-value in __hw_addr_add_ex() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 09/36] dccp: initialize ireq->ir_mark Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 10/36] soreuseport: initialise timewait reuseport field Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 11/36] perf: Remove superfluous allocation error check Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 12/36] tcp: fix TCP_REPAIR_QUEUE bound checking Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 13/36] bdi: Fix oops in wb_workfn() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 14/36] KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 15/36] f2fs: fix a dead loop in f2fs_fiemap() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 16/36] arm64: Add work around for Arm Cortex-A55 Erratum 1024718 Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 17/36] gpioib: do not free unrequested descriptors Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 18/36] gpio: fix aspeed_gpio unmask irq Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 19/36] gpio: fix error path in lineevent_create Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 20/36] rfkill: gpio: fix memory leak in probe error path Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 21/36] libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 22/36] tracing: Fix regex_match_front() to not over compare the test string Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 23/36] can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 24/36] drm/vc4: Fix scaling of uni-planar formats Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.9 25/36] drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.9 26/36] net: atm: Fix potential Spectre v1 Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.9 27/36] atm: zatm: " Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.9 28/36] Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174" Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.9 29/36] thermal: exynos: Reading temperature makes sense only when TMU is turned on Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.9 30/36] thermal: exynos: Propagate error value from tmu_read() Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.9 31/36] tracing/uprobe_event: Fix strncpy corner case Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.9 32/36] perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.9 33/36] perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.9 34/36] perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.9 35/36] perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[] Greg Kroah-Hartman
2018-05-14 6:49 ` Greg Kroah-Hartman [this message]
2018-05-14 13:05 ` [PATCH 4.9 00/36] 4.9.100-stable review kernelci.org bot
2018-05-14 16:20 ` Guenter Roeck
2018-05-14 22:03 ` Shuah Khan
2018-05-15 5:40 ` Naresh Kamboju
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180514064807.048279765@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=acme@redhat.com \
--cc=alexander.shishkin@linux.intel.com \
--cc=dan.carpenter@oracle.com \
--cc=eranian@google.com \
--cc=jolsa@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=vincent.weaver@maine.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.