pve-kernel-qoup/patches/kernel/0031-x86-entry-Fix-idtentry-unwind-hint.patch

From b368fed558634ffc92dba0d7d9e4e631d26cd92f Mon Sep 17 00:00:00 2001
From: Josh Poimboeuf <jpoimboe@redhat.com>
Date: Fri, 20 Oct 2017 11:21:33 -0500
Subject: [PATCH 031/242] x86/entry: Fix idtentry unwind hint
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

CVE-2017-5754

This fixes the following ORC warning in the 'int3' entry code:

  WARNING: can't dereference iret registers at ffff8801c5f17fe0 for ip ffffffff95f0d94b

The ORC metadata had the wrong stack offset for the iret registers.

Their location on the stack is dependent on whether the exception has an
error code.

Reported-and-tested-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Fixes: 8c1f75587a18 ("x86/entry/64: Add unwind hint annotations")
Link: http://lkml.kernel.org/r/931d57f0551ed7979d5e7e05370d445c8e5137f8.1508516398.git.jpoimboe@redhat.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
(cherry picked from commit 98990a33b77dda9babf91cb235654f6729e5702e)
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
(cherry picked from commit 266be2a5053230f6d0b6f27d3e8e9f28df40dd7e)
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
 arch/x86/entry/entry_64.S | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index c12260ef3e4b..2e4fc6425f47 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -821,7 +821,7 @@ apicinterrupt IRQ_WORK_VECTOR			irq_work_interrupt		smp_irq_work_interrupt
 
 .macro idtentry sym do_sym has_error_code:req paranoid=0 shift_ist=-1
 ENTRY(\sym)
-	UNWIND_HINT_IRET_REGS offset=8
+	UNWIND_HINT_IRET_REGS offset=\has_error_code*8
 
 	/* Sanity check */
 	.if \shift_ist != -1 && \paranoid == 0
-- 
2.14.2
add KPTI and related patches picked from Ubuntu-4.13.0-23.26 2018-01-06 17:13:39 +03:00			`From b368fed558634ffc92dba0d7d9e4e631d26cd92f Mon Sep 17 00:00:00 2001`
			`From: Josh Poimboeuf <jpoimboe@redhat.com>`
			`Date: Fri, 20 Oct 2017 11:21:33 -0500`
revert buggy SCSI error handler commit this causes kernel OOPS and upstream is unresponsive about it. see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1726519 2018-01-08 13:50:09 +03:00			`Subject: [PATCH 031/242] x86/entry: Fix idtentry unwind hint`
add KPTI and related patches picked from Ubuntu-4.13.0-23.26 2018-01-06 17:13:39 +03:00			`MIME-Version: 1.0`
			`Content-Type: text/plain; charset=UTF-8`
			`Content-Transfer-Encoding: 8bit`

			`CVE-2017-5754`

			`This fixes the following ORC warning in the 'int3' entry code:`

			`WARNING: can't dereference iret registers at ffff8801c5f17fe0 for ip ffffffff95f0d94b`

			`The ORC metadata had the wrong stack offset for the iret registers.`

			`Their location on the stack is dependent on whether the exception has an`
			`error code.`

			`Reported-and-tested-by: Andrei Vagin <avagin@virtuozzo.com>`
			`Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>`
			`Cc: Andy Lutomirski <luto@kernel.org>`
			`Cc: Linus Torvalds <torvalds@linux-foundation.org>`
			`Cc: Peter Zijlstra <peterz@infradead.org>`
			`Cc: Thomas Gleixner <tglx@linutronix.de>`
			`Fixes: 8c1f75587a18 ("x86/entry/64: Add unwind hint annotations")`
			`Link: http://lkml.kernel.org/r/931d57f0551ed7979d5e7e05370d445c8e5137f8.1508516398.git.jpoimboe@redhat.com`
			`Signed-off-by: Ingo Molnar <mingo@kernel.org>`
			`(cherry picked from commit 98990a33b77dda9babf91cb235654f6729e5702e)`
			`Signed-off-by: Andy Whitcroft <apw@canonical.com>`
			`Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>`
			`(cherry picked from commit 266be2a5053230f6d0b6f27d3e8e9f28df40dd7e)`
			`Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>`
			`---`
			`arch/x86/entry/entry_64.S \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S`
			`index c12260ef3e4b..2e4fc6425f47 100644`
			`--- a/arch/x86/entry/entry_64.S`
			`+++ b/arch/x86/entry/entry_64.S`
			`@@ -821,7 +821,7 @@ apicinterrupt IRQ_WORK_VECTOR irq_work_interrupt smp_irq_work_interrupt`

			`.macro idtentry sym do_sym has_error_code:req paranoid=0 shift_ist=-1`
			`ENTRY(\sym)`
			`- UNWIND_HINT_IRET_REGS offset=8`
			`+ UNWIND_HINT_IRET_REGS offset=\has_error_code*8`

			`/* Sanity check */`
			`.if \shift_ist != -1 && \paranoid == 0`
			`--`
			`2.14.2`