patches/kernel/0089-x86-entry-64-Simplify-reg-restore-code-in-the-standa.patch

   1 From 958fcb45b64535b87e3cfaef15a5cb41595e4187 Mon Sep 17 00:00:00 2001
   2 From: Andy Lutomirski <luto@kernel.org>
   3 Date: Thu, 2 Nov 2017 00:59:01 -0700
   4 Subject: [PATCH 089/241] x86/entry/64: Simplify reg restore code in the
   5  standard IRET paths
   6 MIME-Version: 1.0
   7 Content-Type: text/plain; charset=UTF-8
   8 Content-Transfer-Encoding: 8bit
   9
  10 CVE-2017-5754
  11
  12 The old code restored all the registers with movq instead of pop.
  13
  14 In theory, this was done because some CPUs have higher movq
  15 throughput, but any gain there would be tiny and is almost certainly
  16 outweighed by the higher text size.
  17
  18 This saves 96 bytes of text.
  19
  20 Signed-off-by: Andy Lutomirski <luto@kernel.org>
  21 Cc: Borislav Petkov <bpetkov@suse.de>
  22 Cc: Brian Gerst <brgerst@gmail.com>
  23 Cc: Dave Hansen <dave.hansen@intel.com>
  24 Cc: Linus Torvalds <torvalds@linux-foundation.org>
  25 Cc: Peter Zijlstra <peterz@infradead.org>
  26 Cc: Thomas Gleixner <tglx@linutronix.de>
  27 Link: http://lkml.kernel.org/r/ad82520a207ccd851b04ba613f4f752b33ac05f7.1509609304.git.luto@kernel.org
  28 Signed-off-by: Ingo Molnar <mingo@kernel.org>
  29 (cherry picked from commit e872045bfd9c465a8555bab4b8567d56a4d2d3bb)
  30 Signed-off-by: Andy Whitcroft <apw@canonical.com>
  31 Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
  32 (cherry picked from commit f926575cd370de4052e89477582b349af5664a56)
  33 Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
  34 ---
  35  arch/x86/entry/calling.h  | 21 +++++++++++++++++++++
  36  arch/x86/entry/entry_64.S | 12 ++++++------
  37  2 files changed, 27 insertions(+), 6 deletions(-)
  38
  39 diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h
  40 index 640aafebdc00..0b9dd8123701 100644
  41 --- a/arch/x86/entry/calling.h
  42 +++ b/arch/x86/entry/calling.h
  43 @@ -151,6 +151,27 @@ For 32-bit we have the following conventions - kernel is built with
  44         UNWIND_HINT_REGS offset=\offset extra=0
  45         .endm
  46
  47 +       .macro POP_EXTRA_REGS
  48 +       popq %r15
  49 +       popq %r14
  50 +       popq %r13
  51 +       popq %r12
  52 +       popq %rbp
  53 +       popq %rbx
  54 +       .endm
  55 +
  56 +       .macro POP_C_REGS
  57 +       popq %r11
  58 +       popq %r10
  59 +       popq %r9
  60 +       popq %r8
  61 +       popq %rax
  62 +       popq %rcx
  63 +       popq %rdx
  64 +       popq %rsi
  65 +       popq %rdi
  66 +       .endm
  67 +
  68         .macro RESTORE_C_REGS_HELPER rstor_rax=1, rstor_rcx=1, rstor_r11=1, rstor_r8910=1, rstor_rdx=1
  69         .if \rstor_r11
  70         movq 6*8(%rsp), %r11
  71 diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
  72 index 7c8258e3ad2d..a1a86e782a0e 100644
  73 --- a/arch/x86/entry/entry_64.S
  74 +++ b/arch/x86/entry/entry_64.S
  75 @@ -618,9 +618,9 @@ GLOBAL(swapgs_restore_regs_and_return_to_usermode)
  76  1:
  77  #endif
  78         SWAPGS
  79 -       RESTORE_EXTRA_REGS
  80 -       RESTORE_C_REGS
  81 -       REMOVE_PT_GPREGS_FROM_STACK 8
  82 +       POP_EXTRA_REGS
  83 +       POP_C_REGS
  84 +       addq    $8, %rsp        /* skip regs->orig_ax */
  85         INTERRUPT_RETURN
  86
  87
  88 @@ -650,9 +650,9 @@ GLOBAL(restore_regs_and_return_to_kernel)
  89         ud2
  90  1:
  91  #endif
  92 -       RESTORE_EXTRA_REGS
  93 -       RESTORE_C_REGS
  94 -       REMOVE_PT_GPREGS_FROM_STACK 8
  95 +       POP_EXTRA_REGS
  96 +       POP_C_REGS
  97 +       addq    $8, %rsp        /* skip regs->orig_ax */
  98         INTERRUPT_RETURN
  99
 100  ENTRY(native_iret)
 101 --
 102 2.14.2
 103