| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAFbcbMDJB0uNjTa9xwT9npmTdqMJ1Hez3CyeOCjjrLF2W0Wprw@mail.gmail.com>
Date: Thu, 30 May 2019 00:39:53 +0800
From: Dianzhang Chen <dianzhangchen0@...il.com>
To: Michal Hocko <mhocko@...nel.org>
Cc: cl@...ux.com, penberg@...nel.org, rientjes@...gle.com,
iamjoonsoo.kim@....com, akpm@...ux-foundation.org,
linux-mm@...ck.org, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] mm/slab_common.c: fix possible spectre-v1 in kmalloc_slab()
It's come from `192+1`.
The more code fragment is:
if (size <= 192) {
if (!size)
return ZERO_SIZE_PTR;
size = array_index_nospec(size, 193);
index = size_index[size_index_elem(size)];
}
Sine array_index_nospec(index, size) can clamp the index within the
range of [0, size), so in order to make the `size<=192`, need to clamp
the index in the range of [0, 192+1) .
On Thu, May 30, 2019 at 12:25 AM Michal Hocko <mhocko@...nel.org> wrote:
>
> On Wed 29-05-19 20:37:28, Dianzhang Chen wrote:
> [...]
> > @@ -1056,6 +1057,7 @@ struct kmem_cache *kmalloc_slab(size_t size, gfp_t flags)
> > if (!size)
> > return ZERO_SIZE_PTR;
> >
> > + size = array_index_nospec(size, 193);
> > index = size_index[size_index_elem(size)];
>
> What is this 193 magic number?
> --
> Michal Hocko
> SUSE Labs
Powered by blists - more mailing lists