arm64: uaccess: Prevent speculative use of the current addr_limit
authorWill Deacon <will.deacon@arm.com>
Mon, 5 Feb 2018 15:34:21 +0000 (15:34 +0000)
committerCatalin Marinas <catalin.marinas@arm.com>
Tue, 6 Feb 2018 22:53:37 +0000 (22:53 +0000)
commitc2f0ad4fc089cff81cef6a13d04b399980ecbfcc
tree758d9a7e84a17ed49848d88cc687af1c29624ac7
parent6314d90e64936c584f300a52ef173603fb2461b5
arm64: uaccess: Prevent speculative use of the current addr_limit

A mispredicted conditional call to set_fs could result in the wrong
addr_limit being forwarded under speculation to a subsequent access_ok
check, potentially forming part of a spectre-v1 attack using uaccess
routines.

This patch prevents this forwarding from taking place, but putting heavy
barriers in set_fs after writing the addr_limit.

Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
arch/arm64/include/asm/uaccess.h