Home Explore Help
Register Sign In
Apq
/
pve-edge-kernel
mirror of https://github.com/fabianishere/pve-edge-kernel.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 035dbe6708
Branches Tags
pve-edge-kernel
/
patches
/
kernel
/
0255-x86-alternatives-Fix-optimize_nops-checking.patch

0255-x86-alternatives-Fix-optimize_nops-checking.patch 2.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
    2. 

  2. From: Borislav Petkov <[email protected]>
    3. 

  3. Date: Wed, 10 Jan 2018 12:28:16 +0100
    4. 

  4. Subject: [PATCH] x86/alternatives: Fix optimize_nops() checking
    5. 

  5. MIME-Version: 1.0
    6. 

  6. Content-Type: text/plain; charset=UTF-8
    7. 

  7. Content-Transfer-Encoding: 8bit
    8. 

  8. 

  9. CVE-2017-5754
    10. 

  10. 

  11. The alternatives code checks only the first byte whether it is a NOP, but
    12. 

  12. with NOPs in front of the payload and having actual instructions after it
    13. 

  13. breaks the "optimized' test.
    14. 

  14. 

  15. Make sure to scan all bytes before deciding to optimize the NOPs in there.
    16. 

  16. 

  17. Reported-by: David Woodhouse <[email protected]>
    18. 

  18. Signed-off-by: Borislav Petkov <[email protected]>
    19. 

  19. Signed-off-by: Thomas Gleixner <[email protected]>
    20. 

  20. Cc: Tom Lendacky <[email protected]>
    21. 

  21. Cc: Andi Kleen <[email protected]>
    22. 

  22. Cc: Tim Chen <[email protected]>
    23. 

  23. Cc: Peter Zijlstra <[email protected]>
    24. 

  24. Cc: Jiri Kosina <[email protected]>
    25. 

  25. Cc: Dave Hansen <[email protected]>
    26. 

  26. Cc: Andi Kleen <[email protected]>
    27. 

  27. Cc: Andrew Lutomirski <[email protected]>
    28. 

  28. Cc: Linus Torvalds <[email protected]>
    29. 

  29. Cc: Greg Kroah-Hartman <[email protected]>
    30. 

  30. Cc: Paul Turner <[email protected]>
    31. 

  31. Link: https://lkml.kernel.org/r/[email protected]
    32. 

  32. 

  33. (cherry picked from commit 612e8e9350fd19cae6900cf36ea0c6892d1a0dca)
    34. 

  34. Signed-off-by: Andy Whitcroft <[email protected]>
    35. 

  35. Signed-off-by: Kleber Sacilotto de Souza <[email protected]>
    36. 

  36. (cherry picked from commit dc241f68557ee1929a92b9ec6f7a1294bbbd4f00)
    37. 

  37. Signed-off-by: Fabian Grünbichler <[email protected]>
    38. 

  38. ---
    39. 

  39.  arch/x86/kernel/alternative.c | 7 +++++--
    40. 

  40.  1 file changed, 5 insertions(+), 2 deletions(-)
    41. 

  41. 

  42. diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c
    43. 

  43. index 32e14d137416..5dc05755a044 100644
    44. 

  44. --- a/arch/x86/kernel/alternative.c
    45. 

  45. +++ b/arch/x86/kernel/alternative.c
    46. 

  46. @@ -344,9 +344,12 @@ recompute_jump(struct alt_instr *a, u8 *orig_insn, u8 *repl_insn, u8 *insnbuf)
    47. 

  47.  static void __init_or_module noinline optimize_nops(struct alt_instr *a, u8 *instr)
    48. 

  48.  {
    49. 

  49.  	unsigned long flags;
    50. 

  50. +	int i;
    51. 

  51.  
    52. 

  52. -	if (instr[0] != 0x90)
    53. 

  53. -		return;
    54. 

  54. +	for (i = 0; i < a->padlen; i++) {
    55. 

  55. +		if (instr[i] != 0x90)
    56. 

  56. +			return;
    57. 

  57. +	}
    58. 

  58.  
    59. 

  59.  	local_irq_save(flags);
    60. 

  60.  	add_nops(instr + (a->instrlen - a->padlen), a->padlen);
    61. 

  61. -- 
    62. 

  62. 2.14.2
    63. 

  63.