Linux Kernel Hardens Sound Drivers Against Spectre V1 Vulnerability

Written by Michael Larabel in Linux Security on 5 May 2018 at 08:20 AM EDT. 35 Comments
As part of fixes landing for the Linux kernel sound drivers, several sound drivers were hardened against Spectre Variant One.

HDA, Control, OSS, OPL3, and HDSPM were among the ALSA code in the kernel now hardened against potential Spectre Variant One exploitation. Spectre V1 as a reminder is the bounds check bypass vulnerability.

Since last month, the Smatch static analysis C tool designed for analyzing the Linux kernel code has been able to warn about potential Spectre vulnerabilities. Since that extra check has been added to Smatch in mid-April, it has uncovered hundreds of potential areas where the kernel's C code could be prone to a bounds check bypass style issue due to speculative execution by the processor.

Linux sound subsystem maintainer Takashi Iwai has hardened these different bits of sound/ALSA code against Spectre Variant One by making use of array_index_nospec() as the generic means of sanitizing speculative array de-references. These recent changes to Linux 4.17 can be found via the Spectre V1 changes. The work is also being back-ported to currently maintained Linux kernel stable trees. Assuming the Smatch Spectre reporting is accurate, we could be seeing many more preventative patches on the way.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week