1 files changed, 117 insertions, 0 deletions
diff --git a/common/recipes-kernel/linux/linux-yocto-4.9.21/0002-x86-entry-64-compat-Clear-registers-for-compat-sysca.patch b/common/recipes-kernel/linux/linux-yocto-4.9.21/0002-x86-entry-64-compat-Clear-registers-for-compat-sysca.patch
new file mode 100644
index 00000000..1006a947
--- /dev/null
+++ b/common/recipes-kernel/linux/linux-yocto-4.9.21/0002-x86-entry-64-compat-Clear-registers-for-compat-sysca.patch
@@ -0,0 +1,117 @@
+From 5b4a083e3f13f1bbea53075da6dc33b1e9dc3b62 Mon Sep 17 00:00:00 2001
+From: Dan Williams <dan.j.williams@intel.com>
+Date: Mon, 5 Feb 2018 17:18:17 -0800
+Subject: [PATCH 02/12] x86/entry/64/compat: Clear registers for compat
+ syscalls, to reduce speculation attack surface
+
+commit 6b8cf5cc9965673951f1ab3f0e3cf23d06e3e2ee upstream.
+
+At entry userspace may have populated registers with values that could
+otherwise be useful in a speculative execution attack. Clear them to
+minimize the kernel's attack surface.
+
+Originally-From: Andi Kleen <ak@linux.intel.com>
+Signed-off-by: Dan Williams <dan.j.williams@intel.com>
+Cc: <stable@vger.kernel.org>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Brian Gerst <brgerst@gmail.com>
+Cc: Denys Vlasenko <dvlasenk@redhat.com>
+Cc: H. Peter Anvin <hpa@zytor.com>
+Cc: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Link: http://lkml.kernel.org/r/151787989697.7847.4083702787288600552.stgit@dwillia2-desk3.amr.corp.intel.com
+[ Made small improvements to the changelog. ]
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/entry/entry_64_compat.S | 30 ++++++++++++++++++++++++++++++
+ 1 file changed, 30 insertions(+)
+
+diff --git a/arch/x86/entry/entry_64_compat.S b/arch/x86/entry/entry_64_compat.S
+index d76a976..92c5573 100644
+--- a/arch/x86/entry/entry_64_compat.S
++++ b/arch/x86/entry/entry_64_compat.S
+@@ -83,15 +83,25 @@ ENTRY(entry_SYSENTER_compat)
+ 	pushq	%rcx			/* pt_regs->cx */
+ 	pushq	$-ENOSYS		/* pt_regs->ax */
+ 	pushq   $0			/* pt_regs->r8  = 0 */
++	xorq	%r8, %r8		/* nospec   r8 */
+ 	pushq   $0			/* pt_regs->r9  = 0 */
++	xorq	%r9, %r9		/* nospec   r9 */
+ 	pushq   $0			/* pt_regs->r10 = 0 */
++	xorq	%r10, %r10		/* nospec   r10 */
+ 	pushq   $0			/* pt_regs->r11 = 0 */
++	xorq	%r11, %r11		/* nospec   r11 */
+ 	pushq   %rbx                    /* pt_regs->rbx */
++	xorl	%ebx, %ebx		/* nospec   rbx */
+ 	pushq   %rbp                    /* pt_regs->rbp (will be overwritten) */
++	xorl	%ebp, %ebp		/* nospec   rbp */
+ 	pushq   $0			/* pt_regs->r12 = 0 */
++	xorq	%r12, %r12		/* nospec   r12 */
+ 	pushq   $0			/* pt_regs->r13 = 0 */
++	xorq	%r13, %r13		/* nospec   r13 */
+ 	pushq   $0			/* pt_regs->r14 = 0 */
++	xorq	%r14, %r14		/* nospec   r14 */
+ 	pushq   $0			/* pt_regs->r15 = 0 */
++	xorq	%r15, %r15		/* nospec   r15 */
+ 	cld
+ 
+ 	/*
+@@ -209,15 +219,25 @@ ENTRY(entry_SYSCALL_compat)
+ 	pushq	%rbp			/* pt_regs->cx (stashed in bp) */
+ 	pushq	$-ENOSYS		/* pt_regs->ax */
+ 	pushq   $0			/* pt_regs->r8  = 0 */
++	xorq	%r8, %r8		/* nospec   r8 */
+ 	pushq   $0			/* pt_regs->r9  = 0 */
++	xorq	%r9, %r9		/* nospec   r9 */
+ 	pushq   $0			/* pt_regs->r10 = 0 */
++	xorq	%r10, %r10		/* nospec   r10 */
+ 	pushq   $0			/* pt_regs->r11 = 0 */
++	xorq	%r11, %r11		/* nospec   r11 */
+ 	pushq   %rbx                    /* pt_regs->rbx */
++	xorl	%ebx, %ebx		/* nospec   rbx */
+ 	pushq   %rbp                    /* pt_regs->rbp (will be overwritten) */
++	xorl	%ebp, %ebp		/* nospec   rbp */
+ 	pushq   $0			/* pt_regs->r12 = 0 */
++	xorq	%r12, %r12		/* nospec   r12 */
+ 	pushq   $0			/* pt_regs->r13 = 0 */
++	xorq	%r13, %r13		/* nospec   r13 */
+ 	pushq   $0			/* pt_regs->r14 = 0 */
++	xorq	%r14, %r14		/* nospec   r14 */
+ 	pushq   $0			/* pt_regs->r15 = 0 */
++	xorq	%r15, %r15		/* nospec   r15 */
+ 
+ 	/*
+ 	 * User mode is traced as though IRQs are on, and SYSENTER
+@@ -320,15 +340,25 @@ ENTRY(entry_INT80_compat)
+ 	pushq	%rcx			/* pt_regs->cx */
+ 	pushq	$-ENOSYS		/* pt_regs->ax */
+ 	pushq   $0			/* pt_regs->r8  = 0 */
++	xorq	%r8, %r8		/* nospec   r8 */
+ 	pushq   $0			/* pt_regs->r9  = 0 */
++	xorq	%r9, %r9		/* nospec   r9 */
+ 	pushq   $0			/* pt_regs->r10 = 0 */
++	xorq	%r10, %r10		/* nospec   r10 */
+ 	pushq   $0			/* pt_regs->r11 = 0 */
++	xorq	%r11, %r11		/* nospec   r11 */
+ 	pushq   %rbx                    /* pt_regs->rbx */
++	xorl	%ebx, %ebx		/* nospec   rbx */
+ 	pushq   %rbp                    /* pt_regs->rbp */
++	xorl	%ebp, %ebp		/* nospec   rbp */
+ 	pushq   %r12                    /* pt_regs->r12 */
++	xorq	%r12, %r12		/* nospec   r12 */
+ 	pushq   %r13                    /* pt_regs->r13 */
++	xorq	%r13, %r13		/* nospec   r13 */
+ 	pushq   %r14                    /* pt_regs->r14 */
++	xorq	%r14, %r14		/* nospec   r14 */
+ 	pushq   %r15                    /* pt_regs->r15 */
++	xorq	%r15, %r15		/* nospec   r15 */
+ 	cld
+ 
+ 	/*
+-- 
+2.7.4
+