[pve-kernel.git] / patches / kernel / 0090-x86-entry-64-Shrink-paranoid_exit_restore-and-make-l.patch

From d8fdea47d7fc1177aa0843a49dc89422ac6f4fea Mon Sep 17 00:00:00 2001
From: Andy Lutomirski <luto@kernel.org>
Date: Thu, 2 Nov 2017 00:59:02 -0700
Subject: [PATCH 090/241] x86/entry/64: Shrink paranoid_exit_restore and make
 labels local
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

CVE-2017-5754

paranoid_exit_restore was a copy of restore_regs_and_return_to_kernel.
Merge them and make the paranoid_exit internal labels local.

Keeping .Lparanoid_exit makes the code a bit shorter because it
allows a 2-byte jnz instead of a 5-byte jnz.

Saves 96 bytes of text.

( This is still a bit suboptimal in a non-CONFIG_TRACE_IRQFLAGS
  kernel, but fixing that would make the code rather messy. )

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bpetkov@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/510d66a1895cda9473c84b1086f0bb974f22de6a.1509609304.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
(cherry picked from commit e53178328c9b96fbdbc719e78c93b5687ee007c3)
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
(cherry picked from commit fb53fe10add935c3d0eb63199e43426eaf3b4299)
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
 arch/x86/entry/entry_64.S | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index a1a86e782a0e..6995f7e08aa1 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -1136,17 +1136,14 @@ ENTRY(paranoid_exit)
 	DISABLE_INTERRUPTS(CLBR_ANY)
 	TRACE_IRQS_OFF_DEBUG
 	testl	%ebx, %ebx			/* swapgs needed? */
-	jnz	paranoid_exit_no_swapgs
+	jnz	.Lparanoid_exit_no_swapgs
 	TRACE_IRQS_IRETQ
 	SWAPGS_UNSAFE_STACK
-	jmp	paranoid_exit_restore
-paranoid_exit_no_swapgs:
+	jmp	.Lparanoid_exit_restore
+.Lparanoid_exit_no_swapgs:
 	TRACE_IRQS_IRETQ_DEBUG
-paranoid_exit_restore:
-	RESTORE_EXTRA_REGS
-	RESTORE_C_REGS
-	REMOVE_PT_GPREGS_FROM_STACK 8
-	INTERRUPT_RETURN
+.Lparanoid_exit_restore:
+	jmp restore_regs_and_return_to_kernel
 END(paranoid_exit)
 
 /*
-- 
2.14.2
Commit	Line	Data
321d628a FG	1	From d8fdea47d7fc1177aa0843a49dc89422ac6f4fea Mon Sep 17 00:00:00 2001
	2	From: Andy Lutomirski <luto@kernel.org>
	3	Date: Thu, 2 Nov 2017 00:59:02 -0700
e4cdf2a5	4	Subject: [PATCH 090/241] x86/entry/64: Shrink paranoid_exit_restore and make
321d628a FG	5	labels local
	6	MIME-Version: 1.0
	7	Content-Type: text/plain; charset=UTF-8
	8	Content-Transfer-Encoding: 8bit
	9
	10	CVE-2017-5754
	11
	12	paranoid_exit_restore was a copy of restore_regs_and_return_to_kernel.
	13	Merge them and make the paranoid_exit internal labels local.
	14
	15	Keeping .Lparanoid_exit makes the code a bit shorter because it
	16	allows a 2-byte jnz instead of a 5-byte jnz.
	17
	18	Saves 96 bytes of text.
	19
	20	( This is still a bit suboptimal in a non-CONFIG_TRACE_IRQFLAGS
	21	kernel, but fixing that would make the code rather messy. )
	22
	23	Signed-off-by: Andy Lutomirski <luto@kernel.org>
	24	Cc: Borislav Petkov <bpetkov@suse.de>
	25	Cc: Brian Gerst <brgerst@gmail.com>
	26	Cc: Dave Hansen <dave.hansen@intel.com>
	27	Cc: Linus Torvalds <torvalds@linux-foundation.org>
	28	Cc: Peter Zijlstra <peterz@infradead.org>
	29	Cc: Thomas Gleixner <tglx@linutronix.de>
	30	Link: http://lkml.kernel.org/r/510d66a1895cda9473c84b1086f0bb974f22de6a.1509609304.git.luto@kernel.org
	31	Signed-off-by: Ingo Molnar <mingo@kernel.org>
	32	(cherry picked from commit e53178328c9b96fbdbc719e78c93b5687ee007c3)
	33	Signed-off-by: Andy Whitcroft <apw@canonical.com>
	34	Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
	35	(cherry picked from commit fb53fe10add935c3d0eb63199e43426eaf3b4299)
	36	Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
	37	---
	38	arch/x86/entry/entry_64.S \| 13 +++++--------
	39	1 file changed, 5 insertions(+), 8 deletions(-)
	40
	41	diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
	42	index a1a86e782a0e..6995f7e08aa1 100644
	43	--- a/arch/x86/entry/entry_64.S
	44	+++ b/arch/x86/entry/entry_64.S
	45	@@ -1136,17 +1136,14 @@ ENTRY(paranoid_exit)
	46	DISABLE_INTERRUPTS(CLBR_ANY)
	47	TRACE_IRQS_OFF_DEBUG
	48	testl %ebx, %ebx /* swapgs needed? */
	49	- jnz paranoid_exit_no_swapgs
	50	+ jnz .Lparanoid_exit_no_swapgs
	51	TRACE_IRQS_IRETQ
	52	SWAPGS_UNSAFE_STACK
	53	- jmp paranoid_exit_restore
	54	-paranoid_exit_no_swapgs:
	55	+ jmp .Lparanoid_exit_restore
	56	+.Lparanoid_exit_no_swapgs:
	57	TRACE_IRQS_IRETQ_DEBUG
	58	-paranoid_exit_restore:
	59	- RESTORE_EXTRA_REGS
	60	- RESTORE_C_REGS
	61	- REMOVE_PT_GPREGS_FROM_STACK 8
	62	- INTERRUPT_RETURN
	63	+.Lparanoid_exit_restore:
	64	+ jmp restore_regs_and_return_to_kernel
	65	END(paranoid_exit)
	66
	67	/*
	68	--
69	2.14.2
70