1 files changed, 92 insertions, 0 deletions
diff --git a/common/recipes-kernel/linux/linux-yocto-4.9.21/0040-nospec-Move-array_index_nospec-parameter-checking-in.patch b/common/recipes-kernel/linux/linux-yocto-4.9.21/0040-nospec-Move-array_index_nospec-parameter-checking-in.patch
new file mode 100644
index 00000000..973e9188
--- /dev/null
+++ b/common/recipes-kernel/linux/linux-yocto-4.9.21/0040-nospec-Move-array_index_nospec-parameter-checking-in.patch
@@ -0,0 +1,92 @@
+From a3cb1b4823957921fa7a58e51bc8ee3e880bf1c5 Mon Sep 17 00:00:00 2001
+From: Will Deacon <will.deacon@arm.com>
+Date: Mon, 5 Feb 2018 14:16:06 +0000
+Subject: [PATCH 40/93] nospec: Move array_index_nospec() parameter checking
+ into separate macro
+
+commit 8fa80c503b484ddc1abbd10c7cb2ab81f3824a50 upstream.
+
+For architectures providing their own implementation of
+array_index_mask_nospec() in asm/barrier.h, attempting to use WARN_ONCE() to
+complain about out-of-range parameters using WARN_ON() results in a mess
+of mutually-dependent include files.
+
+Rather than unpick the dependencies, simply have the core code in nospec.h
+perform the checking for us.
+
+Signed-off-by: Will Deacon <will.deacon@arm.com>
+Acked-by: Thomas Gleixner <tglx@linutronix.de>
+Cc: Dan Williams <dan.j.williams@intel.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Link: http://lkml.kernel.org/r/1517840166-15399-1-git-send-email-will.deacon@arm.com
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/nospec.h | 36 +++++++++++++++++++++---------------
+ 1 file changed, 21 insertions(+), 15 deletions(-)
+
+diff --git a/include/linux/nospec.h b/include/linux/nospec.h
+index b99bced..fbc98e2 100644
+--- a/include/linux/nospec.h
++++ b/include/linux/nospec.h
+@@ -20,20 +20,6 @@ static inline unsigned long array_index_mask_nospec(unsigned long index,
+ 						    unsigned long size)
+ {
+ 	/*
+-	 * Warn developers about inappropriate array_index_nospec() usage.
+-	 *
+-	 * Even if the CPU speculates past the WARN_ONCE branch, the
+-	 * sign bit of @index is taken into account when generating the
+-	 * mask.
+-	 *
+-	 * This warning is compiled out when the compiler can infer that
+-	 * @index and @size are less than LONG_MAX.
+-	 */
+-	if (WARN_ONCE(index > LONG_MAX || size > LONG_MAX,
+-			"array_index_nospec() limited to range of [0, LONG_MAX]\n"))
+-		return 0;
+-
+-	/*
+ 	 * Always calculate and emit the mask even if the compiler
+ 	 * thinks the mask is not needed. The compiler does not take
+ 	 * into account the value of @index under speculation.
+@@ -44,6 +30,26 @@ static inline unsigned long array_index_mask_nospec(unsigned long index,
+ #endif
+ 
+ /*
++ * Warn developers about inappropriate array_index_nospec() usage.
++ *
++ * Even if the CPU speculates past the WARN_ONCE branch, the
++ * sign bit of @index is taken into account when generating the
++ * mask.
++ *
++ * This warning is compiled out when the compiler can infer that
++ * @index and @size are less than LONG_MAX.
++ */
++#define array_index_mask_nospec_check(index, size)				\
++({										\
++	if (WARN_ONCE(index > LONG_MAX || size > LONG_MAX,			\
++	    "array_index_nospec() limited to range of [0, LONG_MAX]\n"))	\
++		_mask = 0;							\
++	else									\
++		_mask = array_index_mask_nospec(index, size);			\
++	_mask;									\
++})
++
++/*
+  * array_index_nospec - sanitize an array index after a bounds check
+  *
+  * For a code sequence like:
+@@ -61,7 +67,7 @@ static inline unsigned long array_index_mask_nospec(unsigned long index,
+ ({									\
+ 	typeof(index) _i = (index);					\
+ 	typeof(size) _s = (size);					\
+-	unsigned long _mask = array_index_mask_nospec(_i, _s);		\
++	unsigned long _mask = array_index_mask_nospec_check(_i, _s);	\
+ 									\
+ 	BUILD_BUG_ON(sizeof(_i) > sizeof(long));			\
+ 	BUILD_BUG_ON(sizeof(_s) > sizeof(long));			\
+-- 
+2.7.4
+