From mboxrd@z Thu Jan  1 00:00:00 1970
From: Eric Dumazet <eric.dumazet@gmail.com>
Subject: Re: [PATCH 4.4-stable 6/6] bpf: prevent out-of-bounds speculation
Date: Fri, 12 Jan 2018 08:52:23 -0800
Message-ID: <1515775943.131759.44.camel@gmail.com>
References: <20180112161721.8843-1-jslaby@suse.cz>
         <20180112161721.8843-7-jslaby@suse.cz>
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: stable@vger.kernel.org, ast@kernel.org, netdev@vger.kernel.org,
        Daniel Borkmann <daniel@iogearbox.net>
To: Jiri Slaby <jslaby@suse.cz>, gregkh@linuxfoundation.org
Return-path: <netdev-owner@vger.kernel.org>
Received: from mail-pg0-f66.google.com ([74.125.83.66]:33464 "EHLO
        mail-pg0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S934063AbeALQwZ (ORCPT
        <rfc822;netdev@vger.kernel.org>); Fri, 12 Jan 2018 11:52:25 -0500
In-Reply-To: <20180112161721.8843-7-jslaby@suse.cz>
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

On Fri, 2018-01-12 at 17:17 +0100, Jiri Slaby wrote:
> From: Alexei Starovoitov <ast@kernel.org>
> 
> commit b2157399cc9898260d6031c5bfe45fe137c1fbe7 upstream.
> 
> Under speculation, CPUs may mis-predict branches in bounds checks. Thus,
> memory accesses under a bounds check may be speculated even if the
> bounds check fails, providing a primitive for building a side channel.
> 

Make sure to also backport

https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=
bbeb6e4323dad9b5e0ee9f60c223dd532e2403b1