summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndi Kleen <ak@suse.de>2006-07-28 14:44:45 +0200
committerLinus Torvalds <torvalds@g5.osdl.org>2006-07-28 19:28:00 -0700
commit0e92da4acb763272c6060f0b14adc2377b627d07 (patch)
treef720ea910c370c86a244a6ac4b94706bac276ad0
parentd5a2601734bcc740ee78dc4cb0c56b5687da7bd9 (diff)
downloadlinux-0e92da4acb763272c6060f0b14adc2377b627d07.tar.gz
linux-0e92da4acb763272c6060f0b14adc2377b627d07.tar.bz2
linux-0e92da4acb763272c6060f0b14adc2377b627d07.zip
[PATCH] x86_64: Don't clobber r8-r11 in int 0x80 handler
When int 0x80 is called from long mode r8-r11 would leak out of the kernel (or rather they would be filled with some values from the kernel stack). I don't think it's a security issue because the values come from the fixed stack frame which should be near always user registers from a previous interrupt. Still better fix it. Longer term the register save macros need to be cleaned up to avoid such mistakes in the future. Original analysis from Richard Brunner, fix by me. Cc: Richard.Brunner@amd.com Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--arch/x86_64/ia32/ia32entry.S2
1 files changed, 1 insertions, 1 deletions
diff --git a/arch/x86_64/ia32/ia32entry.S b/arch/x86_64/ia32/ia32entry.S
index 9b5bb413a6e9..5d4a7d125ed0 100644
--- a/arch/x86_64/ia32/ia32entry.S
+++ b/arch/x86_64/ia32/ia32entry.S
@@ -103,7 +103,7 @@ ENTRY(ia32_sysenter_target)
pushq %rax
CFI_ADJUST_CFA_OFFSET 8
cld
- SAVE_ARGS 0,0,1
+ SAVE_ARGS 0,0,0
/* no need to do an access_ok check here because rbp has been
32bit zero extended */
1: movl (%rbp),%r9d