An ill-considered decision led to an incomplete fix for the Spectre vulnerability in the Linux kernel

The developers of the Grsecurity project shared a cautionary tale showing how thoughtlessly silencing compiler warnings can introduce vulnerabilities into code. At the end of May, a fix was proposed for the Linux kernel for a new exploitation vector of the Spectre vulnerability through the ptrace system call.

While testing the patch, developers noticed that during the build the compiler emitted a warning about mixing code and declarations (the structure was declared after code that assigns a value to an already existing variable):

int index = n;
if (n < HBP_NUM) {
    index = array_index_nospec(index, HBP_NUM);
    struct perf_event *bp = thread->ptrace_bps[index];

Linus accepted the fix into his master branch, getting rid of the warning by moving the variable declaration into the if block:

if (n < HBP_NUM) {
    int index = array_index_nospec(n, HBP_NUM);
    struct perf_event *bp = thread->ptrace_bps[index];

In July, the fix was also backported to the stable branches 4.4, 4.9, 4.14, 4.19 and 5.2. The maintainers of the stable branches also ran into the warning and, instead of checking whether it had already been fixed in Linus's master branch, fixed it themselves. The problem is that, without really thinking it through, they simply moved the structure declaration up, so the call to array_index_nospec, which is what directly protects against the vulnerability, is no longer applied when the structure is declared, and the variable "n" is always used instead of the variable "index":

int index = n;
if (n < HBP_NUM) {
    struct perf_event *bp = thread->ptrace_bps[index];
    index = array_index_nospec(index, HBP_NUM);
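
A user-space model of the ordering problem described above, as an added example that is not code from the kernel patch or from Grsecurity. It assumes HBP_NUM is 4, models the clamp with a branch-free mask in the style of array_index_nospec, and uses hypothetical helpers (`index_mask_nospec`, `load_index_master`, `load_index_stable`) that return the index each ordering hands to the array load when the bounds check is speculatively bypassed.

```c
#include <limits.h>
#include <stdio.h>

#define HBP_NUM 4UL /* assumed value, for illustration only */
#define BITS_PER_LONG (sizeof(long) * CHAR_BIT)

/* Branch-free mask: all ones when index < size, zero otherwise.
 * Relies on arithmetic right shift of a negative long (gcc/clang). */
static unsigned long index_mask_nospec(unsigned long index, unsigned long size)
{
    return ~(long)(index | (size - 1UL - index)) >> (BITS_PER_LONG - 1);
}

/* Master-branch ordering: clamp first, then load. The mask is a data
 * dependency, so it holds even if the n < HBP_NUM branch is mispredicted. */
static unsigned long load_index_master(unsigned long n)
{
    unsigned long index = n & index_mask_nospec(n, HBP_NUM);
    return index; /* thread->ptrace_bps[index] would be read with this */
}

/* Stable-branch ordering: the load consumes index before it is clamped. */
static unsigned long load_index_stable(unsigned long n)
{
    unsigned long index = n;
    unsigned long used_by_load = index; /* ptrace_bps[index] read here */
    index &= index_mask_nospec(index, HBP_NUM); /* too late */
    (void)index;
    return used_by_load;
}

int main(void)
{
    /* Constructed inputs: two in-bounds values, two out-of-bounds ones. */
    unsigned long samples[] = { 0, 3, 4, 9 };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("n=%lu master=%lu stable=%lu\n", samples[i],
               load_index_master(samples[i]), load_index_stable(samples[i]));
    return 0;
}
```

In-bounds values pass through unchanged in both orderings; only the out-of-bounds values differ, which is why the regression produces no functional test failure.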

Source: opennet.ru
