Announcement

Collapse
No announcement yet.

Linux Kernel Hardens Sound Drivers Against Spectre V1 Vulnerability

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • numacross
    replied
    Originally posted by pali View Post
    due to bugs in x86 processors (aka Spectre v1)
    Spectre affects almost every modern processor architecture with speculative execution including newer IBM POWER and ARM.

    Leave a comment:


  • pali
    replied
    Because sound drivers, like any other kernel drivers, run in the ring 0 mode which has access to whole physical memory. And because input to the kernel comes from the untrusted user (who would like to read physical memory to which it does not have access), it is needed to protect a kernel code which is vulnerable to bounds check due to bugs in x86 processors (aka Spectre v1). So imagine that you could prepare special input for these drivers (e.g. some IOCTL or any other syscall) and thanks to Spectre v1 you would use timing attacks to read from unavailable memory.

    Leave a comment:


  • Michael
    replied
    Originally posted by Ray54 View Post
    I do not understand why sound drivers need protecting against Spectre, etc. I do not think that sound drivers use passwords and I assume that this does not protect audio recordings made with the sound hardware. Could someone please say where the risk is with sound drivers?
    AFAIK, basically in these cases the arrays are being expanded from user-space data and thus with Spectre V1 if specially crafted code could theoretically leak some kernel memory to the rogue user-space code.

    Leave a comment:


  • Ray54
    replied
    I do not understand why sound drivers need protecting against Spectre, etc. I do not think that sound drivers use passwords and I assume that this does not protect audio recordings made with the sound hardware. Could someone please say where the risk is with sound drivers?

    Leave a comment:


  • Leopard
    replied
    Typo:

    it has uncovered hundreds of potential areas where the kernel's C could could

    One could is sufficient.

    Leave a comment:


  • Linux Kernel Hardens Sound Drivers Against Spectre V1 Vulnerability

    Phoronix: Linux Kernel Hardens Sound Drivers Against Spectre V1 Vulnerability

    As part of fixes landing for the Linux kernel sound drivers, several sound drivers were hardened against Spectre Variant One...

    http://www.phoronix.com/scan.php?pag...-Sound-Drivers
Working...
X