lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 16 May 2018 20:14:12 -0500
From:   "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To:     Dan Carpenter <dan.carpenter@...cle.com>
Cc:     Mauro Carvalho Chehab <mchehab+samsung@...nel.org>,
        Mauro Carvalho Chehab <mchehab@...nel.org>,
        linux-media@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 01/11] media: tm6000: fix potential Spectre variant 1



On 05/15/2018 02:39 PM, Dan Carpenter wrote:
>> Dan,
>>
>> These are all the Spectre media issues I see smatch is reporting in
>> linux-next-20180515:
>>
>> drivers/media/cec/cec-pin-error-inj.c:170 cec_pin_error_inj_parse_line()
>> warn: potential spectre issue 'pin->error_inj_args'
>> drivers/media/dvb-core/dvb_ca_en50221.c:1479 dvb_ca_en50221_io_write() warn:
>> potential spectre issue 'ca->slot_info' (local cap)
>> drivers/media/dvb-core/dvb_net.c:252 handle_one_ule_extension() warn:
>> potential spectre issue 'p->ule_next_hdr'
>>
>> I pulled the latest changes from the smatch repository and compiled it.
>>
>> I'm running smatch v0.5.0-4459-g2f66d40 now. Is this the latest version?
>>
>> I wonder if there is anything I might be missing.
>>
> 
> You'd need to rebuild the db (possibly twice but definitely once).
> 

Hi Dan,

After rebuilding the db (once), these are all the Spectre media warnings 
I get:

drivers/media/pci/ddbridge/ddbridge-core.c:233 ddb_redirect() warn: 
potential spectre issue 'ddbs'
drivers/media/pci/ddbridge/ddbridge-core.c:243 ddb_redirect() warn: 
potential spectre issue 'pdev->port'
drivers/media/pci/ddbridge/ddbridge-core.c:252 ddb_redirect() warn: 
potential spectre issue 'idev->input'
drivers/media/dvb-core/dvb_ca_en50221.c:1400 
dvb_ca_en50221_io_do_ioctl() warn: potential spectre issue 
'ca->slot_info' (local cap)
drivers/media/dvb-core/dvb_ca_en50221.c:1479 dvb_ca_en50221_io_write() 
warn: potential spectre issue 'ca->slot_info' (local cap)
drivers/media/dvb-core/dvb_net.c:252 handle_one_ule_extension() warn: 
potential spectre issue 'p->ule_next_hdr'
drivers/media/dvb-core/dvb_net.c:1483 dvb_net_do_ioctl() warn: potential 
spectre issue 'dvbnet->device' (local cap)
drivers/media/cec/cec-pin-error-inj.c:170 cec_pin_error_inj_parse_line() 
warn: potential spectre issue 'pin->error_inj_args'

I just want to double check if you are getting the same output. In case 
you are getting the same, then what Mauro commented about these issues:

https://patchwork.linuxtv.org/project/linux-media/list/?submitter=7277

being resolved by commit 3ad3b7a2ebaefae37a7eafed0779324987ca5e56 seems 
to be correct.

Thanks
--
Gustavo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ