Commit dd27f998 authored by Andy Lutomirski, committed by Ingo Molnar

x86/entry/64/compat: Fix SYSENTER's NT flag before user memory access
Clearing NT is part of the prologue, whereas loading up arg6
makes more sense to think about as part of syscall processing.
Reorder them.

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-kernel@vger.kernel.org
Link: http://lkml.kernel.org/r/19eb235828b2d2a52c53459e09f2974e15e65a35.1444091584.git.luto@kernel.org

Signed-off-by: Ingo Molnar <mingo@kernel.org>
parent 04235c00
+9 −9
@@ -88,15 +88,6 @@ ENTRY(entry_SYSENTER_compat)
	cld
	sub	$(10*8), %rsp /* pt_regs->r8-11, bp, bx, r12-15 not saved */

	/*
	 * no need to do an access_ok check here because rbp has been
	 * 32-bit zero extended
	 */
	ASM_STAC
1:	movl	(%rbp), %ebp
	_ASM_EXTABLE(1b, ia32_badarg)
	ASM_CLAC

	/*
	 * Sysenter doesn't filter flags, so we need to clear NT
	 * ourselves.  To save a few cycles, we can check whether
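Review bot: The removed read at `1: movl (%rbp), %ebp` is the only access in this hunk with an exception-table entry, so moving it past the NT fix means a fault into `ia32_badarg` now happens with NT already cleared; the commit message describes this as a reordering of prologue steps, and it would be clearer to also state that the fixup path now sees the corrected flags, which is the point of the subject line. The numeric label `1:` and its `_ASM_EXTABLE(1b, ia32_badarg)` line are removed together, so the backward reference is not left dangling by this hunk.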
@@ -106,6 +97,15 @@ ENTRY(entry_SYSENTER_compat)
	jnz	sysenter_fix_flags
sysenter_flags_fixed:

	/*
	 * No need to do an access_ok() check here because RBP has been
	 * 32-bit zero extended:
	 */
	ASM_STAC
1:	movl	(%rbp), %ebp
	_ASM_EXTABLE(1b, ia32_badarg)
	ASM_CLAC

	orl	$TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS)
	testl	$_TIF_WORK_SYSCALL_ENTRY, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
	jnz	sysenter_tracesys
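Review bot: The reinserted block is not a verbatim move: the comment was reworded at the same time (`access_ok` to `access_ok()`, `rbp` to `RBP`, capitalised "No", trailing colon), which makes it harder to audit the diff as a pure reorder; either keep the comment byte-identical or mention the comment cleanup in the commit message. The placement after `sysenter_flags_fixed:` does put the user-memory read on both the fast path and the `sysenter_fix_flags` return path, and the `ASM_STAC`/`ASM_CLAC` pair still brackets only the single `movl`, so the SMAP-open window has not grown.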