Home Home > GIT Browse > openSUSE-15.0
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBorislav Petkov <bp@suse.de>2018-01-12 21:55:29 +0100
committerBorislav Petkov <bp@suse.de>2018-01-12 21:55:38 +0100
commit0077909d211a4643d1c7cc461fbdd1d13a17ba05 (patch)
tree755993e6288fc5ccbe3409314b459cf7f39b1828
parent5c41cd57e622f3162f4bd5a74dbdfe6ebc5dee02 (diff)
x86/entry/64: Remove the SYSENTER stack canary (bsc#1068032
CVE-2017-5754). suse-commit: 899947ecc4eaad172d6de577eb4a6a60be1d2eab
-rw-r--r--arch/x86/include/asm/processor.h1
-rw-r--r--arch/x86/kernel/dumpstack.c3
-rw-r--r--arch/x86/kernel/process.c1
-rw-r--r--arch/x86/kernel/traps.c7
4 files changed, 1 insertions, 11 deletions
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
index 6ef430578518..16bbce4e09c1 100644
--- a/arch/x86/include/asm/processor.h
+++ b/arch/x86/include/asm/processor.h
@@ -340,7 +340,6 @@ struct tss_struct {
* Space for the temporary SYSENTER stack, used for SYSENTER
* and the entry trampoline as well.
*/
- unsigned long SYSENTER_stack_canary;
unsigned long SYSENTER_stack[64];
/*
diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c
index 96c2ce710792..20cf97ed0ebf 100644
--- a/arch/x86/kernel/dumpstack.c
+++ b/arch/x86/kernel/dumpstack.c
@@ -48,8 +48,7 @@ bool in_sysenter_stack(unsigned long *stack, struct stack_info *info)
int cpu = smp_processor_id();
struct tss_struct *tss = &get_cpu_entry_area(cpu)->tss;
- /* Treat the canary as part of the stack for unwinding purposes. */
- void *begin = &tss->SYSENTER_stack_canary;
+ void *begin = &tss->SYSENTER_stack;
void *end = (void *)&tss->SYSENTER_stack + sizeof(tss->SYSENTER_stack);
if ((void *)stack < begin || (void *)stack >= end)
diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 5bd62d21be25..a77da26e067a 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -80,7 +80,6 @@ __visible DEFINE_PER_CPU_SHARED_ALIGNED(struct tss_struct, cpu_tss) = {
*/
.io_bitmap = { [0 ... IO_BITMAP_LONGS] = ~0 },
#endif
- .SYSENTER_stack_canary = STACK_END_MAGIC,
};
EXPORT_PER_CPU_SYMBOL(cpu_tss);
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index cc60650de7b7..4ca2f082980f 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -822,13 +822,6 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code)
debug_stack_usage_dec();
exit:
- /*
- * This is the most likely code path that involves non-trivial use
- * of the SYSENTER stack. Check that we haven't overrun it.
- */
- WARN(this_cpu_read(cpu_tss.SYSENTER_stack_canary) != STACK_END_MAGIC,
- "Overran or corrupted SYSENTER stack\n");
-
ist_exit(regs);
}
NOKPROBE_SYMBOL(do_debug);