Commit | Line | Data |
---|---|---|
59d5af67 | 1 | From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 |
321d628a FG | 2 | From: Josh Poimboeuf <jpoimboe@redhat.com> |
3 | Date: Fri, 20 Oct 2017 11:21:33 -0500 | |
59d5af67 | 4 | Subject: [PATCH] x86/entry: Fix idtentry unwind hint |
321d628a FG | 5 | MIME-Version: 1.0 |
6 | Content-Type: text/plain; charset=UTF-8 | |
7 | Content-Transfer-Encoding: 8bit | |
8 | ||
9 | CVE-2017-5754 | |
10 | ||
11 | This fixes the following ORC warning in the 'int3' entry code: | |
12 | ||
13 | WARNING: can't dereference iret registers at ffff8801c5f17fe0 for ip ffffffff95f0d94b | |
14 | ||
15 | The ORC metadata had the wrong stack offset for the iret registers. | |
16 | ||
17 | Their location on the stack is dependent on whether the exception has an | |
18 | error code. | |
19 | ||
20 | Reported-and-tested-by: Andrei Vagin <avagin@virtuozzo.com> | |
21 | Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com> | |
22 | Cc: Andy Lutomirski <luto@kernel.org> | |
23 | Cc: Linus Torvalds <torvalds@linux-foundation.org> | |
24 | Cc: Peter Zijlstra <peterz@infradead.org> | |
25 | Cc: Thomas Gleixner <tglx@linutronix.de> | |
26 | Fixes: 8c1f75587a18 ("x86/entry/64: Add unwind hint annotations") | |
27 | Link: http://lkml.kernel.org/r/931d57f0551ed7979d5e7e05370d445c8e5137f8.1508516398.git.jpoimboe@redhat.com | |
28 | Signed-off-by: Ingo Molnar <mingo@kernel.org> | |
29 | (cherry picked from commit 98990a33b77dda9babf91cb235654f6729e5702e) | |
30 | Signed-off-by: Andy Whitcroft <apw@canonical.com> | |
31 | Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com> | |
32 | (cherry picked from commit 266be2a5053230f6d0b6f27d3e8e9f28df40dd7e) | |
33 | Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> | |
34 | --- | |
35 | arch/x86/entry/entry_64.S | 2 +- | |
36 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
37 | ||
38 | diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S | |
39 | index c12260ef3e4b..2e4fc6425f47 100644 | |
40 | --- a/arch/x86/entry/entry_64.S | |
41 | +++ b/arch/x86/entry/entry_64.S | |
42 | @@ -821,7 +821,7 @@ apicinterrupt IRQ_WORK_VECTOR irq_work_interrupt smp_irq_work_interrupt | |
43 | ||
44 | .macro idtentry sym do_sym has_error_code:req paranoid=0 shift_ist=-1 | |
45 | ENTRY(\sym) | |
46 | - UNWIND_HINT_IRET_REGS offset=8 | |
47 | + UNWIND_HINT_IRET_REGS offset=\has_error_code*8 | |
48 | ||
49 | /* Sanity check */ | |
50 | .if \shift_ist != -1 && \paranoid == 0 | |
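Review bot: The new `offset=\has_error_code*8` on the UNWIND_HINT_IRET_REGS line is only correct if every idtentry user passes has_error_code as exactly 0 or 1, and nothing in the visible macro enforces that. Any other value would silently yield an ORC hint with the wrong stack offset, which is the class of bug this patch is fixing. Consider extending the existing "Sanity check" block just below to reject other values at assembly time, and adding a one-line comment above the hint noting that the iret registers sit 8 bytes above the stack pointer only when the exception has an error code, as the commit message explains.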
51 | -- | |
52 | 2.14.2 | |
53 |