]>
Commit | Line | Data |
---|---|---|
035dbe67 FG |
1 | From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 |
2 | From: Tim Chen <tim.c.chen@linux.intel.com> | |
3 | Date: Wed, 8 Nov 2017 16:30:06 -0800 | |
4 | Subject: [PATCH] x86/entry: Use retpoline for syscall's indirect calls | |
5 | MIME-Version: 1.0 | |
6 | Content-Type: text/plain; charset=UTF-8 | |
7 | Content-Transfer-Encoding: 8bit | |
8 | ||
9 | CVE-2017-5753 | |
10 | CVE-2017-5715 | |
11 | ||
12 | Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> | |
13 | Signed-off-by: Andy Whitcroft <apw@canonical.com> | |
14 | Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com> | |
15 | (cherry picked from commit d2e0236f395e876f5303fb5021e4fe6eea881402) | |
16 | Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> | |
17 | --- | |
18 | arch/x86/entry/entry_64.S | 10 +++++++++- | |
19 | 1 file changed, 9 insertions(+), 1 deletion(-) | |
20 | ||
21 | diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S | |
22 | index 1118a6256c69..be7196967f9f 100644 | |
23 | --- a/arch/x86/entry/entry_64.S | |
24 | +++ b/arch/x86/entry/entry_64.S | |
25 | @@ -276,7 +276,15 @@ entry_SYSCALL_64_fastpath: | |
26 | * It might end up jumping to the slow path. If it jumps, RAX | |
27 | * and all argument registers are clobbered. | |
28 | */ | |
29 | - call *sys_call_table(, %rax, 8) | |
30 | + movq sys_call_table(, %rax, 8), %r10 | |
31 | + jmp 1f | |
32 | +4: callq 2f | |
33 | +3: nop | |
34 | + jmp 3b | |
35 | +2: mov %r10, (%rsp) | |
36 | + retq | |
37 | +1: callq 4b | |
38 | + | |
39 | .Lentry_SYSCALL_64_after_fastpath_call: | |
40 | ||
41 | movq %rax, RAX(%rsp) | |
42 | -- | |
43 | 2.14.2 | |
44 |