ksplice: Clear garbage data on the kernel stack when handling signals

The garbage data can give false-positives for the Ksplice safety checks
making it difficult (or sometimes impossible) to apply the rebootless
updates.  Clear the garbage with 0-words to avoid this.
Signed-off-by: Jamie Iles <jamie.iles@oracle.com>
Signed-off-by: Maxim Uvarov <maxim.uvarov@oracle.com>

diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S
index 6ed91d9980e240b73fa824f7db00d8065d145316..a9c187f31013c8b6ccb9b99c93aa0d5c9b3d1793 100644 (file)
--- a/arch/x86/kernel/entry_32.S
+++ b/arch/x86/kernel/entry_32.S
@@ -641,7 +641,7 @@ work_notifysig:                             # deal with pending signals and
        cmpb $USER_RPL, %bl
        jb resume_kernel
        xorl %edx, %edx
-       call do_notify_resume
+       call clear_stack_do_notify_resume
        jmp resume_userspace
 
 #ifdef CONFIG_VM86
@@ -655,6 +655,33 @@ work_notifysig_v86:
 #endif
 END(work_pending)
 
+    # Clear the stack before handling signals
+    ALIGN
+#define STACK_CLEAR_WORDS    0x80
+ENTRY(clear_stack_do_notify_resume)
+    testl $_TIF_SIGPENDING, %ecx
+    jnz do_notify_resume
+
+    push %eax
+    push %ecx
+    push %edi
+
+    movl %esp, %edi
+    subl $4, %edi
+    movl $STACK_CLEAR_WORDS, %ecx
+    xorl %eax, %eax
+
+    std
+    rep stosl
+    cld
+
+    pop %edi
+    pop %ecx
+    pop %eax
+
+    jmp do_notify_resume
+END(clear_stack_do_notify_resume)
+
        # perform syscall exit tracing
        ALIGN
 syscall_trace_entry:

diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
index cb3c591339aa3d4242e420d181b83f3a62ced2c3..0cf8079397c5ca7047f7500ebd0fd995131dc21a 100644 (file)
--- a/arch/x86/kernel/entry_64.S
+++ b/arch/x86/kernel/entry_64.S
@@ -818,7 +818,7 @@ int_signal:
        jz 1f
        movq %rsp,%rdi          # &ptregs -> arg1
        xorl %esi,%esi          # oldset -> arg2
-       call do_notify_resume
+       call clear_stack_do_notify_resume
 1:     movl $_TIF_WORK_MASK,%edi
 int_restore_rest:
        RESTORE_REST
@@ -1115,7 +1115,7 @@ retint_signal:
        movq $-1,ORIG_RAX(%rsp)
        xorl %esi,%esi          # oldset
        movq %rsp,%rdi          # &pt_regs
-       call do_notify_resume
+       call clear_stack_do_notify_resume
        RESTORE_REST
        DISABLE_INTERRUPTS(CLBR_NONE)
        TRACE_IRQS_OFF
@@ -1527,7 +1527,7 @@ paranoid_userspace:
        ENABLE_INTERRUPTS(CLBR_NONE)
        xorl %esi,%esi                  /* arg2: oldset */
        movq %rsp,%rdi                  /* arg1: &pt_regs */
-       call do_notify_resume
+       call clear_stack_do_notify_resume
        DISABLE_INTERRUPTS(CLBR_NONE)
        TRACE_IRQS_OFF
        jmp paranoid_userspace
@@ -1880,6 +1880,28 @@ ENTRY(ignore_sysret)
        CFI_ENDPROC
 END(ignore_sysret)
 
+    # Clear the stack before handling signals
+#define STACK_CLEAR_WORDS    0x80
+ENTRY(clear_stack_do_notify_resume)
+    testl $_TIF_SIGPENDING, %edx
+    jnz do_notify_resume
+
+    pushq %rdi
+
+    movq %rsp, %rdi
+    subq $8, %rdi
+    movl $STACK_CLEAR_WORDS, %ecx
+    xorq %rax, %rax
+
+    std
+    rep stosq
+    cld
+
+    popq %rdi
+
+    jmp do_notify_resume
+END(clear_stack_do_notify_resume)
+
 /*
  * End of kprobes section
  */