Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 15 Jan 2018 09:49:21 -0800
From: Dan Williams <>
To: Jan Kara <>
Cc: Linux Kernel Mailing List <>,,, Jan Kara <>, 
	Thomas Gleixner <>, Linus Torvalds <>, 
	Andrew Morton <>, Elena Reshetova <>, 
	Alan Cox <>
Subject: Re: [PATCH v2 13/19] udf: prevent bounds-check bypass via speculative execution

On Mon, Jan 15, 2018 at 2:32 AM, Jan Kara <> wrote:
> On Thu 11-01-18 16:47:35, Dan Williams wrote:
>> Static analysis reports that 'eahd->appAttrLocation' and
>> 'eahd->impAttrLocation' may be a user controlled values that are used as
>> data dependencies for calculating source and destination buffers for
>> memmove operations. In order to avoid potential leaks of kernel memory
>> values, block speculative execution of the instruction stream that could
>> issue further reads based on invalid 'aal' or 'ial' values.
>> Based on an original patch by Elena Reshetova.
>> Cc: Jan Kara <>
>> Signed-off-by: Elena Reshetova <>
>> Signed-off-by: Dan Williams <>
> Dan, I've already emailed to you [1] why I don't think this patch is needed
> at all. Do you disagree or did my email just get lost?
> [1]

Sorry, I missed that one before the v2 posting went out. I've dropped
this from the v3 [1] posting.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.