Linux Kernel Hardens Sound Drivers Against Spectre V1 Vulnerability

HDA, Control, OSS, OPL3, and HDSPM are among the ALSA code in the kernel now hardened against potential Spectre Variant One exploitation. As a reminder, Spectre V1 is the bounds check bypass vulnerability.
Since last month, Smatch, the C static analysis tool designed for analyzing Linux kernel code, has been able to warn about potential Spectre vulnerabilities. Since that extra check was added to Smatch in mid-April, it has uncovered hundreds of potential areas where the kernel's C code could be prone to a bounds check bypass style issue due to speculative execution by the processor.
Linux sound subsystem maintainer Takashi Iwai has hardened these different bits of sound/ALSA code against Spectre Variant One by making use of array_index_nospec() as the generic means of sanitizing speculative array dereferences. These recent changes to Linux 4.17 can be found via the Spectre V1 changes. The work is also being back-ported to currently maintained Linux kernel stable trees. Assuming the Smatch Spectre reporting is accurate, we could be seeing many more preventative patches on the way.
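
To illustrate the pattern array_index_nospec() applies, here is an added userspace sketch that is not taken from the ALSA patches or from the kernel tree. It models the kernel's generic branch-free index mask; the names index_mask_nospec, index_nospec, demo_read_gain and the channel_gain table are hypothetical, and it assumes GCC or Clang.

```c
#include <limits.h>
#include <stdio.h>

#define BITS_PER_LONG (sizeof(long) * CHAR_BIT)

/*
 * Userspace model of the kernel's generic mask helper: all ones when
 * index < size, zero otherwise, computed without a conditional branch so
 * there is nothing for the CPU to mispredict. Assumes arithmetic right
 * shift of signed values (GCC/Clang) and size <= LONG_MAX.
 */
static unsigned long index_mask_nospec(unsigned long index, unsigned long size)
{
    /* Hide the value from the optimizer so the mask is not folded into a branch. */
    __asm__ volatile("" : "+r"(index));
    return (unsigned long)(~(long)(index | (size - 1UL - index)) >>
                           (BITS_PER_LONG - 1));
}

/* Clamp: in-range indexes pass through, out-of-range ones become 0. */
static unsigned long index_nospec(unsigned long index, unsigned long size)
{
    return index & index_mask_nospec(index, size);
}

#define NUM_CHANNELS 8 /* constructed sample table, not from any driver */
static const int channel_gain[NUM_CHANNELS] = {10, 20, 30, 40, 50, 60, 70, 80};

/* Hypothetical handler taking an untrusted, caller-supplied channel number. */
static int demo_read_gain(unsigned long chan, int *out)
{
    if (chan >= NUM_CHANNELS)
        return -1; /* architectural bounds check */
    /* Speculative paths that skipped the check above now index slot 0. */
    chan = index_nospec(chan, NUM_CHANNELS);
    *out = channel_gain[chan];
    return 0;
}

int main(void)
{
    int gain = 0;
    int rc = demo_read_gain(3, &gain);
    printf("chan 3: rc=%d gain=%d\n", rc, gain);
    printf("chan 8: rc=%d\n", demo_read_gain(8, &gain));
    printf("clamp(ULONG_MAX, 8) = %lu\n", index_nospec(ULONG_MAX, NUM_CHANNELS));
    return 0;
}
```

The bounds check still decides the architectural result; the mask only ensures that an index used on a mispredicted path stays inside the array.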