diff options
Diffstat (limited to 'common/recipes-kernel/linux/linux-yocto-4.9.21/0012-x86-entry-64-Clear-extra-registers-beyond-syscall-ar.patch')
| -rw-r--r-- | common/recipes-kernel/linux/linux-yocto-4.9.21/0012-x86-entry-64-Clear-extra-registers-beyond-syscall-ar.patch | 79 |
1 files changed, 0 insertions, 79 deletions
diff --git a/common/recipes-kernel/linux/linux-yocto-4.9.21/0012-x86-entry-64-Clear-extra-registers-beyond-syscall-ar.patch b/common/recipes-kernel/linux/linux-yocto-4.9.21/0012-x86-entry-64-Clear-extra-registers-beyond-syscall-ar.patch deleted file mode 100644 index f8e4bda9..00000000 --- a/common/recipes-kernel/linux/linux-yocto-4.9.21/0012-x86-entry-64-Clear-extra-registers-beyond-syscall-ar.patch +++ /dev/null @@ -1,79 +0,0 @@ -From c8c45aa51a96245b04ac18e6f3475d66bc90d4e3 Mon Sep 17 00:00:00 2001 -From: Dan Williams <dan.j.williams@intel.com> -Date: Fri, 23 Feb 2018 14:06:21 -0800 -Subject: [PATCH 12/12] x86/entry/64: Clear extra registers beyond syscall - arguments, to reduce speculation attack surface - -commit 8e1eb3fa009aa7c0b944b3c8b26b07de0efb3200 upstream. - -At entry userspace may have (maliciously) populated the extra registers -outside the syscall calling convention with arbitrary values that could -be useful in a speculative execution (Spectre style) attack. - -Clear these registers to minimize the kernel's attack surface. - -Note, this only clears the extra registers and not the unused -registers for syscalls less than 6 arguments, since those registers are -likely to be clobbered well before their values could be put to use -under speculation. - -Note, Linus found that the XOR instructions can be executed with -minimized cost if interleaved with the PUSH instructions, and Ingo's -analysis found that R10 and R11 should be included in the register -clearing beyond the typical 'extra' syscall calling convention -registers. - -Suggested-by: Linus Torvalds <torvalds@linux-foundation.org> -Reported-by: Andi Kleen <ak@linux.intel.com> -Signed-off-by: Dan Williams <dan.j.williams@intel.com> -Cc: <stable@vger.kernel.org> -Cc: Andy Lutomirski <luto@kernel.org> -Cc: Borislav Petkov <bp@alien8.de> -Cc: Brian Gerst <brgerst@gmail.com> -Cc: Denys Vlasenko <dvlasenk@redhat.com> -Cc: H. Peter Anvin <hpa@zytor.com> -Cc: Josh Poimboeuf <jpoimboe@redhat.com> -Cc: Peter Zijlstra <peterz@infradead.org> -Cc: Thomas Gleixner <tglx@linutronix.de> -Link: http://lkml.kernel.org/r/151787988577.7847.16733592218894189003.stgit@dwillia2-desk3.amr.corp.intel.com -[ Made small improvements to the changelog and the code comments. ] -Signed-off-by: Ingo Molnar <mingo@kernel.org> -Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> ---- - arch/x86/entry/entry_64.S | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S -index c915eeb..e9120d4 100644 ---- a/arch/x86/entry/entry_64.S -+++ b/arch/x86/entry/entry_64.S -@@ -176,13 +176,26 @@ GLOBAL(entry_SYSCALL_64_after_swapgs) - pushq %r8 /* pt_regs->r8 */ - pushq %r9 /* pt_regs->r9 */ - pushq %r10 /* pt_regs->r10 */ -+ /* -+ * Clear extra registers that a speculation attack might -+ * otherwise want to exploit. Interleave XOR with PUSH -+ * for better uop scheduling: -+ */ -+ xorq %r10, %r10 /* nospec r10 */ - pushq %r11 /* pt_regs->r11 */ -+ xorq %r11, %r11 /* nospec r11 */ - pushq %rbx /* pt_regs->rbx */ -+ xorl %ebx, %ebx /* nospec rbx */ - pushq %rbp /* pt_regs->rbp */ -+ xorl %ebp, %ebp /* nospec rbp */ - pushq %r12 /* pt_regs->r12 */ -+ xorq %r12, %r12 /* nospec r12 */ - pushq %r13 /* pt_regs->r13 */ -+ xorq %r13, %r13 /* nospec r13 */ - pushq %r14 /* pt_regs->r14 */ -+ xorq %r14, %r14 /* nospec r14 */ - pushq %r15 /* pt_regs->r15 */ -+ xorq %r15, %r15 /* nospec r15 */ - - /* IRQs are off. */ - movq %rsp, %rdi --- -2.7.4 - |