Linux Kernel Hardens Sound Drivers Against Spectre V1 Vulnerability
Written by Michael Larabel in Linux Kernel on 5 May 2018 at 08:20 AM EDT. 35 Comments
LINUX KERNEL --
As part of fixes landing for the Linux kernel sound drivers, several sound drivers were hardened against Spectre Variant One.

HDA, Control, OSS, OPL3, and HDSPM were among the ALSA code in the kernel now hardened against potential Spectre Variant One exploitation. Spectre V1 as a reminder is the bounds check bypass vulnerability.

Since last month, the Smatch static analysis C tool designed for analyzing the Linux kernel code has been able to warn about potential Spectre vulnerabilities. Since that extra check has been added to Smatch in mid-April, it has uncovered hundreds of potential areas where the kernel's C code could be prone to a bounds check bypass style issue due to speculative execution by the processor.

Linux sound subsystem maintainer Takashi Iwai has hardened these different bits of sound/ALSA code against Spectre Variant One by making use of array_index_nospec() as the generic means of sanitizing speculative array de-references. These recent changes to Linux 4.17 can be found via the Spectre V1 changes. The work is also being back-ported to currently maintained Linux kernel stable trees. Assuming the Smatch Spectre reporting is accurate, we could be seeing many more preventative patches on the way.

About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Linux Kernel News
Popular News This Week