Linux Kernel Hardens Sound Drivers Against Spectre V1 Vulnerability
![LINUX SECURITY](/assets/categories/linuxsecurity.webp)
HDA, Control, OSS, OPL3, and HDSPM were among the ALSA code in the kernel now hardened against potential Spectre Variant One exploitation. Spectre V1 as a reminder is the bounds check bypass vulnerability.
Since last month, the Smatch static analysis C tool designed for analyzing the Linux kernel code has been able to warn about potential Spectre vulnerabilities. Since that extra check has been added to Smatch in mid-April, it has uncovered hundreds of potential areas where the kernel's C code could be prone to a bounds check bypass style issue due to speculative execution by the processor.
Linux sound subsystem maintainer Takashi Iwai has hardened these different bits of sound/ALSA code against Spectre Variant One by making use of array_index_nospec() as the generic means of sanitizing speculative array de-references. These recent changes to Linux 4.17 can be found via the Spectre V1 changes. The work is also being back-ported to currently maintained Linux kernel stable trees. Assuming the Smatch Spectre reporting is accurate, we could be seeing many more preventative patches on the way.
35 Comments