git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/commit
UBUNTU: SAUCE: x86/entry: Fix up retpoline assembler labels
author Jay Vosburgh <jay.vosburgh@canonical.com>
Thu, 25 Jan 2018 05:43:56 +0000 (21:43 -0800)
committer Stefan Bader <stefan.bader@canonical.com>
Thu, 25 Jan 2018 08:23:52 +0000 (09:23 +0100)
commit 57ed6ed2b6284c10b8d2e0072c680d0e6adac2dc
tree 857d21f62650cec79c0fb5a49c4f00b7b6b69480
parent 337397efe36180265c58bce02f91ced35cb9a5d1
UBUNTU: SAUCE: x86/entry: Fix up retpoline assembler labels

The extant assembler labels in entry_SYSCALL_64_fastpath
result in the error path incorrectly entering the retpoline logic.
This results in that logic jumping to whatever address is in %r10,
which is the fourth system call argument.

This enables a trivial means to instruct the kernel to jump
to any arbitrary address.  Non-malicious executables making invalid
system calls may also cause the system to crash.

Resolve this by renumbering the assembler labels as is found
in other kernels.

CVE-2017-5753
CVE-2017-5715

Fixes: d2e0236 ("x86/entry: Use retpoline for syscall's indirect calls")
Signed-off-by: Jay Vosburgh <jay.vosburgh@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
arch/x86/entry/entry_64.S
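
The commit message above attributes the bug to assembler labels that needed renumbering. The following is an added example, not code from this commit or from the kernel: a small review check that resolves GNU as numeric local labels (`Nf` binds to the next `N:`, `Nb` to the most recent one) and flags forward references with more than one candidate ahead. It assumes the collision is of this kind; both listings are constructed for illustration and are not the contents of entry_64.S.

```python
import re

LABEL_DEF = re.compile(r"^\s*(\d+):")          # numeric local label definition, e.g. "1:"
LABEL_REF = re.compile(r"\b(\d+)([fb])\b")     # reference, e.g. "1f" or "2b"

def parse(listing):
    """Return [(line_no, defined_label_or_None, [(num, direction), ...])]."""
    rows = []
    for no, line in enumerate(listing.splitlines(), 1):
        code = line.split("#", 1)[0]            # drop '#' comments (x86 gas syntax)
        d = LABEL_DEF.match(code)
        body = code[d.end():] if d else code    # do not treat the definition as a reference
        rows.append((no, d.group(1) if d else None, LABEL_REF.findall(body)))
    return rows

def resolve(listing):
    """Map (line_no, 'Nf'/'Nb') -> (bound_line, candidate_lines_in_that_direction)."""
    rows = parse(listing)
    out = {}
    for no, _, refs in rows:
        for num, direction in refs:
            if direction == "f":                # next definition after this line
                cands = [n for n, d, _ in rows if d == num and n > no]
            else:                               # nearest definition at or before this line
                cands = [n for n, d, _ in rows if d == num and n <= no][::-1]
            out[(no, num + direction)] = (cands[0] if cands else None, cands)
    return out

def ambiguous_forward_refs(listing):
    """Forward refs whose binding depends on which duplicate label comes first."""
    return sorted(k for k, (_, c) in resolve(listing).items()
                  if k[1].endswith("f") and len(c) > 1)

# Constructed listing: an inserted sequence reuses label 1 ahead of the intended target.
BUGGY = """\
    cmpq $MAX_NR, %rax   # bounds check
    ja 1f                # error path, meant to reach the final label
    jmp 2f               # start of inserted sequence with its own labels
1:  nop
2:  nop
1:  ret                  # intended error-path target
"""
# Same constructed listing with the inserted sequence's labels renumbered.
FIXED = BUGGY.replace("jmp 2f", "jmp 1101f").replace("1:  nop", "1100: nop").replace("2:  nop", "1101: nop")

if __name__ == "__main__":
    print("buggy:", resolve(BUGGY)[(2, "1f")], ambiguous_forward_refs(BUGGY))
    print("fixed:", resolve(FIXED)[(2, "1f")], ambiguous_forward_refs(FIXED))
```

A flagged reference is not necessarily wrong, since reusing numeric labels is legal; it marks a branch whose target silently changes when a labelled sequence is inserted between it and its destination.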