Zephyr Project API 4.0.0
A Scalable Open Source RTOS
Loading...
Searching...
No Matches
speculation.h File Reference
#include <zephyr/types.h>

Go to the source code of this file.

Functions

static uint32_t k_array_index_sanitize (uint32_t index, uint32_t array_size)
 Sanitize an array index against bounds check bypass attacks aka the Spectre V1 vulnerability.
 

Function Documentation

◆ k_array_index_sanitize()

static uint32_t k_array_index_sanitize ( uint32_t  index,
uint32_t  array_size 
)
inlinestatic

Sanitize an array index against bounds check bypass attacks aka the Spectre V1 vulnerability.

CPUs with speculative execution may speculate past any size checks and leak confidential data due to analysis of micro-architectural properties. This will unconditionally truncate any out-of-bounds indexes to zero in the speculative execution path using bit twiddling instead of any branch instructions.

Example usage:

if (index < size) { index = k_array_index_sanitize(index, size); data = array[index]; }

Parameters
indexUntrusted array index which has been validated, but not used
array_sizeSize of the array
Returns
The original index value if < size, or 0