Re: [PATCH] Input: uinput - fix Spectre v1 vulnerability

2018-10-22 Thread Pavel Machek
On Tue 2018-10-16 19:52:58, Gustavo A. R. Silva wrote: > Hi Dmitry, > > On 10/16/18 7:21 PM, Dmitry Torokhov wrote: > > Hi Gustavo, > > > > On Tue, Oct 16, 2018 at 01:13:13PM +0200, Gustavo A. R. Silva wrote: > >> setup.code can be indirectly controlled by user-space, hence leading to > >> a pote

Re: [PATCH] Input: uinput - fix Spectre v1 vulnerability

2018-10-18 Thread Dmitry Torokhov
On Thu, Oct 18, 2018 at 12:43 PM Alan Cox wrote: > > On Tue, 16 Oct 2018 20:12:43 +0200 > "Gustavo A. R. Silva" wrote: > > > On 10/16/18 8:09 PM, Dmitry Torokhov wrote: > > > > > > > > /dev/uinput > > > > I've got it. This explains it all. :) > > > > > must be 0600, or accessible to equally privi

Re: [PATCH] Input: uinput - fix Spectre v1 vulnerability

2018-10-18 Thread Alan Cox
On Tue, 16 Oct 2018 20:12:43 +0200 "Gustavo A. R. Silva" wrote: > On 10/16/18 8:09 PM, Dmitry Torokhov wrote: > > > > > /dev/uinput > > I've got it. This explains it all. :) > > > must be 0600, or accessible to equally privileged user, or you'll be > > opening your system to much mischief

Re: [PATCH] Input: uinput - fix Spectre v1 vulnerability

2018-10-16 Thread Gustavo A. R. Silva
Hi Dmitry, On 10/16/18 7:21 PM, Dmitry Torokhov wrote: > Hi Gustavo, > > On Tue, Oct 16, 2018 at 01:13:13PM +0200, Gustavo A. R. Silva wrote: >> setup.code can be indirectly controlled by user-space, hence leading to >> a potential exploitation of the Spectre variant 1 vulnerability. >> >> This i

Re: [PATCH] Input: uinput - fix Spectre v1 vulnerability

2018-10-16 Thread Gustavo A. R. Silva
On 10/16/18 8:09 PM, Dmitry Torokhov wrote: > > /dev/uinput I've got it. This explains it all. :) > must be 0600, or accessible to equally privileged user, or you'll be opening > your system to much mischief. > Thanks, Dmitry. -- Gustavo

Re: [PATCH] Input: uinput - fix Spectre v1 vulnerability

2018-10-16 Thread Dmitry Torokhov
On October 16, 2018 10:52:58 AM PDT, "Gustavo A. R. Silva" wrote: >Hi Dmitry, > >On 10/16/18 7:21 PM, Dmitry Torokhov wrote: >> Hi Gustavo, >> >> On Tue, Oct 16, 2018 at 01:13:13PM +0200, Gustavo A. R. Silva wrote: >>> setup.code can be indirectly controlled by user-space, hence leading >to >>>

Re: [PATCH] Input: uinput - fix Spectre v1 vulnerability

2018-10-16 Thread Dmitry Torokhov
Hi Gustavo, On Tue, Oct 16, 2018 at 01:13:13PM +0200, Gustavo A. R. Silva wrote: > setup.code can be indirectly controlled by user-space, hence leading to > a potential exploitation of the Spectre variant 1 vulnerability. > > This issue was detected with the help of Smatch: > > drivers/input/mis

[PATCH] Input: uinput - fix Spectre v1 vulnerability

2018-10-16 Thread Gustavo A. R. Silva
setup.code can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre variant 1 vulnerability. This issue was detected with the help of Smatch: drivers/input/misc/uinput.c:512 uinput_abs_setup() warn: potential spectre issue 'dev->absinfo' [w] (local cap)