linux-stable/arch/x86
Bill Wendling 552bc7f3ec x86/paravirt: add extra clobbers with ZERO_CALL_USED_REGS enabled
[ Upstream commit 8c86f29bfb ]

The ZERO_CALL_USED_REGS feature may zero out caller-saved registers
before returning.

In spurious_kernel_fault(), the "pte_offset_kernel()" call results in
this assembly code:

.Ltmp151:
        #APP
        # ALT: oldnstr
.Ltmp152:
.Ltmp153:
.Ltmp154:
        .section        .discard.retpoline_safe,"",@progbits
        .quad   .Ltmp154
        .text

        callq   *pv_ops+536(%rip)

.Ltmp155:
        .section        .parainstructions,"a",@progbits
        .p2align        3, 0x0
        .quad   .Ltmp153
        .byte   67
        .byte   .Ltmp155-.Ltmp153
        .short  1
        .text
.Ltmp156:
        # ALT: padding
        .zero   (-(((.Ltmp157-.Ltmp158)-(.Ltmp156-.Ltmp152))>0))*((.Ltmp157-.Ltmp158)-(.Ltmp156-.Ltmp152)),144
.Ltmp159:
        .section        .altinstructions,"a",@progbits
.Ltmp160:
        .long   .Ltmp152-.Ltmp160
.Ltmp161:
        .long   .Ltmp158-.Ltmp161
        .short  33040
        .byte   .Ltmp159-.Ltmp152
        .byte   .Ltmp157-.Ltmp158
        .text

        .section        .altinstr_replacement,"ax",@progbits
        # ALT: replacement 1
.Ltmp158:
        movq    %rdi, %rax
.Ltmp157:
        .text
        #NO_APP
.Ltmp162:
        testb   $-128, %dil

The "testb" here is using %dil, but the %rdi register was cleared before
returning from "callq *pv_ops+536(%rip)". Adding the proper constraints
results in the use of a different register:

        movq    %r11, %rdi

        # Similar to above.

        testb   $-128, %r11b

Link: https://github.com/KSPP/linux/issues/192
Signed-off-by: Bill Wendling <morbo@google.com>
Reported-and-tested-by: Nathan Chancellor <nathan@kernel.org>
Fixes: 035f7f87b7 ("randstruct: Enable Clang support")
Reviewed-by: Juergen Gross <jgross@suse.com>
Link: https://lore.kernel.org/lkml/fa6df43b-8a1a-8ad1-0236-94d2a0b588fa@suse.com/
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220902213750.1124421-3-morbo@google.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-10-21 12:38:01 +02:00
boot x86/boot: Don't propagate uninitialized boot_params->cc_blob_address 2022-08-24 09:03:04 +02:00
coco x86/tdx: Handle load_unaligned_zeropad() page-cross to a shared page 2022-06-17 15:37:33 -07:00
configs xen: branch for v6.0-rc3 2022-08-27 15:38:00 -07:00
crypto SPDX changes for 6.0-rc1 2022-08-04 12:12:54 -07:00
entry x86/entry: Fix entry_INT80_compat for Xen PV guests 2022-08-16 10:02:52 +02:00
events PCI interpretation compile fixes 2022-09-01 19:21:27 -04:00
hyperv ARM: 2022-08-04 14:59:54 -07:00
ia32 x86: Remove a.out support 2022-04-11 18:04:27 +02:00
include x86/paravirt: add extra clobbers with ZERO_CALL_USED_REGS enabled 2022-10-21 12:38:01 +02:00
kernel - Add the respective UP last level cache mask accessors in order not to 2022-10-02 09:30:35 -07:00
kvm KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS 2022-10-21 12:37:55 +02:00
lib x86/uaccess: avoid check_object_size() in copy_from_user_nmi() 2022-09-26 12:14:35 -07:00
math-emu x86/32: Remove lazy GS macros 2022-04-14 14:09:43 +02:00
mm x86/mm: disable instrumentations of mm/pgprot.c 2022-09-11 16:22:30 -07:00
net Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2022-07-22 16:55:44 -07:00
pci x86/PCI: Revert "x86/PCI: Clip only host bridge windows for E820 regions" 2022-06-17 14:24:14 -05:00
platform Bitmap patches for v6.0-rc1 2022-08-07 17:52:35 -07:00
power x86/cpu: Load microcode during restore_processor_state() 2022-04-19 19:37:05 +02:00
purgatory x86/purgatory: Omit use of bin2c 2022-07-25 10:32:32 +02:00
ras
realmode Intel Trust Domain Extensions 2022-05-23 17:51:12 -07:00
tools
um arch: um: Mark the stack non-executable to fix a binutils warning 2022-09-21 09:11:42 +02:00
video
virt/vmx/tdx x86/tdx: Provide common base for SEAMCALL and TDCALL C wrappers 2022-04-07 08:27:50 -07:00
xen x86/xen: Add support for HVMOP_set_evtchn_upcall_vector 2022-08-12 11:28:21 +02:00
.gitignore x86/purgatory: Omit use of bin2c 2022-07-25 10:32:32 +02:00
Kbuild
Kconfig - The usual batches of cleanups from Baoquan He, Muchun Song, Miaohe 2022-08-05 16:32:45 -07:00
Kconfig.assembler
Kconfig.cpu
Kconfig.debug arch: make TRACE_IRQFLAGS_NMI_SUPPORT generic 2022-06-23 15:39:21 +01:00
Makefile asm goto: eradicate CC_HAS_ASM_GOTO 2022-08-21 10:06:28 -07:00
Makefile.um
Makefile_32.cpu