lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Mar 2019 16:46:51 +0000 From: Alan Cox <gnomes@...rguk.ukuu.org.uk> To: Alexander Pateenok <pateenoc@...il.com> Cc: Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>, dri-devel@...ts.freedesktop.org, linux-fbdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: Indirect call in vesafb driver On Wed, 13 Mar 2019 17:54:18 +0300 Alexander Pateenok <pateenoc@...il.com> wrote: > Hi, > > There're several indirect calls in inline assembly in vesafb driver > (drivers/video/fbdev/vesafb.c), and these calls cannot be automatically > changed to retpolines. It's in vesafb_pan_display(): > > 73 __asm__ __volatile__( > 74 "call *(%%edi)" > > and in vesa_setpalette(): > > 113 __asm__ __volatile__( > 114 "call *(%%esi)" > > Is there need to use CALL_NOSPEC ? Vesafb is from the time on the dinosaurs but yes any vesa bios code will not be speculatively hardened. I'd also doubt anyone is actually using vesafb in the first place but it should use nospec Alan
Powered by blists - more mailing lists