From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Tue, 9 Jan 2018 03:58:20 +0000 (-0500)
Subject: x86/spec/ia32: Sprinkle IBRS and RSB at the 32-bit SYSCALL
X-Git-Tag: v4.1.12-124.31.3~1283
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=d70e64daf839dbbcd534c982f2df2035f5a3f518;p=users%2Fjedix%2Flinux-maple.git

x86/spec/ia32: Sprinkle IBRS and RSB at the 32-bit SYSCALL

We missed them in the first round of backporting.

Also move the DISABLE_IBRS _after_ the trace_hardirqs_on_caller
call.

Orabug: 27344012
CVE:CVE-2017-5715

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---
v2: Move the DISABLE_IBRS after the TRACE_HARDIRQ macro
    Move the ENABLE_IBRS up

Signed-off-by: Brian Maly <brian.maly@oracle.com>
Signed-off-by: Kirtikar Kashyap <kirtikar.kashyap@oracle.com>
---

diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S
index 9d7a93bd8bb1..36d3ec7e4cdc 100644
--- a/arch/x86/ia32/ia32entry.S
+++ b/arch/x86/ia32/ia32entry.S
@@ -373,6 +373,10 @@ ENTRY(ia32_cstar_target)
 	movl	%esp,%r8d
 	CFI_REGISTER	rsp,r8
 	movq	PER_CPU_VAR(cpu_current_top_of_stack),%rsp
+
+	ENABLE_IBRS
+	STUFF_RSB
+
 	ENABLE_INTERRUPTS(CLBR_NONE)
 
 	/* Zero-extending 32-bit regs, do not remove */
@@ -435,6 +439,7 @@ sysretl_from_sys_call:
 	xorq	%r9,%r9
 	xorq	%r8,%r8
 	TRACE_IRQS_ON
+	DISABLE_IBRS
 	SWITCH_USER_CR3
 	movl RSP(%rsp),%esp
 	CFI_RESTORE rsp