x86/entry/64/compat: Fix SYSENTER's NT flag before user memory access

author Andy Lutomirski <luto@kernel.org>

Tue, 6 Oct 2015 00:47:53 +0000 (17:47 -0700)

committer Ingo Molnar <mingo@kernel.org>

Wed, 7 Oct 2015 09:34:07 +0000 (11:34 +0200)
author Andy Lutomirski <luto@kernel.org>
Tue, 6 Oct 2015 00:47:53 +0000 (17:47 -0700)
committer Ingo Molnar <mingo@kernel.org>
Wed, 7 Oct 2015 09:34:07 +0000 (11:34 +0200)
diff --git a/arch/x86/entry/entry_64_compat.S b/arch/x86/entry/entry_64_compat.S

index a9360d40fb7fd5f518077cc2d9aaa63cfd4853aa..e2cca89c1ed33a9f4b5ee00d37c18b39f9c10600 100644 (file)
--- a/arch/x86/entry/entry_64_compat.S
+++ b/arch/x86/entry/entry_64_compat.S
@@ -88,15 +88,6 @@ ENTRY(entry_SYSENTER_compat)
         cld
         sub     $(10*8), %rsp /* pt_regs->r8-11, bp, bx, r12-15 not saved */
  
-       /*
-        * no need to do an access_ok check here because rbp has been
-        * 32-bit zero extended
-        */
-       ASM_STAC
-1:     movl    (%rbp), %ebp
-       _ASM_EXTABLE(1b, ia32_badarg)
-       ASM_CLAC
-
         /*
          * Sysenter doesn't filter flags, so we need to clear NT
          * ourselves.  To save a few cycles, we can check whether
@@ -106,6 +97,15 @@ ENTRY(entry_SYSENTER_compat)
         jnz     sysenter_fix_flags
  sysenter_flags_fixed:
  
+       /*
+        * No need to do an access_ok() check here because RBP has been
+        * 32-bit zero extended:
+        */
+       ASM_STAC
+1:     movl    (%rbp), %ebp
+       _ASM_EXTABLE(1b, ia32_badarg)
+       ASM_CLAC
+
         orl     $TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS)
         testl   $_TIF_WORK_SYSCALL_ENTRY, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
         jnz     sysenter_tracesys
author	Andy Lutomirski <luto@kernel.org>
	Tue, 6 Oct 2015 00:47:53 +0000 (17:47 -0700)
committer	Ingo Molnar <mingo@kernel.org>
	Wed, 7 Oct 2015 09:34:07 +0000 (11:34 +0200)