On Fri, Feb 24, 2023 at 10:13:45AM +0100, Daniel Borkmann wrote:
> On 2/23/23 2:04 PM, Greg Kroah-Hartman wrote:
> > From: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
> >
> > commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 upstream.
> >
> > The results of "access_ok()" can be mis-speculated. The result is that
> > you can end speculatively:
> >
> > if (access_ok(from, size))
> > // Right here
> >
> > even for bad from/size combinations. On first glance, it would be ideal
> > to just add a speculation barrier to "access_ok()" so that its results
> > can never be mis-speculated.
>
> Keep in mind this also needs commit f3dd0c53370e ("bpf: add missing header file include")
> as follow-up everywhere you queue this one.
Already queued up in the -rc2 releases, thanks!
greg k-h
