speculation.h File Reference

#include <zephyr/types.h>

Go to the source code of this file.

Functions
static uint32_t	k_array_index_sanitize (uint32_t index, uint32_t array_size)
	Sanitize an array index against bounds check bypass attacks aka the Spectre V1 vulnerability.

Function Documentation

k_array_index_sanitize()

static uint32_t k_array_index_sanitize ( uint32_t  index, uint32_t  array_size  )

inlinestatic

Sanitize an array index against bounds check bypass attacks aka the Spectre V1 vulnerability.

CPUs with speculative execution may speculate past any size checks and leak confidential data due to analysis of micro-architectural properties. This will unconditionally truncate any out-of-bounds indexes to zero in the speculative execution path using bit twiddling instead of any branch instructions.

Example usage:

if (index < size) { index = k_array_index_sanitize(index, size); data = array[index]; }

Parameters

index	Untrusted array index which has been validated, but not used
array_size	Size of the array

Returns

The original index value if < size, or 0