From: Dan Williams <dan.j.williams@xxxxxxxxx> Date: Wed, 07 Feb 2018 22:34:24 -0800 > mpls_label_ok() validates that the 'platform_label' array index from a > userspace netlink message payload is valid. Under speculation the > mpls_label_ok() result may not resolve in the CPU pipeline until after > the index is used to access an array element. Sanitize the index to zero > to prevent userspace-controlled arbitrary out-of-bounds speculation, a > precursor for a speculative execution side channel vulnerability. > > Cc: <stable@xxxxxxxxxxxxxxx> > Cc: "David S. Miller" <davem@xxxxxxxxxxxxx> > Cc: Eric W. Biederman <ebiederm@xxxxxxxxxxxx> > Signed-off-by: Dan Williams <dan.j.williams@xxxxxxxxx> Applied, thank you.