Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 fixes from Thomas Gleixner: "Two bugfixes from Andy addressing at least some of the subtle NMI related wreckage which has been reported by Sasha Levin" * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/nmi/64: Fix a paravirt stack-clobbering bug in the NMI code x86/paravirt: Replace the paravirt nop with a bona fide empty function
author: Linus Torvalds <torvalds@linux-foundation.org> 2015-09-27 06:51:42 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2015-09-27 06:51:42 -0400
commit: 162e6df47c4f80c87cb617ec473eca015df454ca (patch)
tree: 3b0a445994d3fad35ebed41d10316d6d5bdef941
parent: 5a6bdf06bbd022db25d9935273b409c337c48a6b (diff)
parent: 83c133cf11fb0e68a51681447e372489f052d40e (diff)
2 files changed, 27 insertions, 5 deletions
diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index d3033183ed70..055a01de7c8d 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -1128,7 +1128,18 @@ END(error_exit)
 /* Runs on exception stack */
 ENTRY(nmi)
+        /*
+         * Fix up the exception frame if we're on Xen.
+         * PARAVIRT_ADJUST_EXCEPTION_FRAME is guaranteed to push at most
+         * one value to the stack on native, so it may clobber the rdx
+         * scratch slot, but it won't clobber any of the important
+         * slots past it.
+         *
+         * Xen is a different story, because the Xen frame itself overlaps
+         * the "NMI executing" variable.
+         */
        PARAVIRT_ADJUST_EXCEPTION_FRAME
        /*
         * We allow breakpoints in NMIs. If a breakpoint occurs, then
         * the iretq it performs will take us out of NMI context.
@@ -1179,9 +1190,12 @@ ENTRY(nmi)
         * we don't want to enable interrupts, because then we'll end
         * up in an awkward situation in which IRQs are on but NMIs
         * are off.
+         *
+         * We also must not push anything to the stack before switching
+         * stacks lest we corrupt the "NMI executing" variable.
         */
-        SWAPGS
+        SWAPGS_UNSAFE_STACK
        cld
        movq    %rsp, %rdx
        movq    PER_CPU_VAR(cpu_current_top_of_stack), %rsp
diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c
index f68e48f5f6c2..c2130aef3f9d 100644
--- a/arch/x86/kernel/paravirt.c
+++ b/arch/x86/kernel/paravirt.c
@@ -41,10 +41,18 @@
 #include <asm/timer.h>
 #include <asm/special_insns.h>
-/* nop stub */
+/*
-void _paravirt_nop(void)
+ * nop stub, which must not clobber anything *including the stack* to
-{
+ * avoid confusing the entry prologues.
-}
+ */
+extern void _paravirt_nop(void);
+asm (".pushsection .entry.text, \"ax\"\n"
+     ".global _paravirt_nop\n"
+     "_paravirt_nop:\n\t"
+     "ret\n\t"
+     ".size _paravirt_nop, . - _paravirt_nop\n\t"
+     ".type _paravirt_nop, @function\n\t"
+     ".popsection");
 /* identity function, which can be inlined */
 u32 _paravirt_ident_32(u32 x)
author	Linus Torvalds <torvalds@linux-foundation.org>	2015-09-27 06:51:42 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2015-09-27 06:51:42 -0400
commit	162e6df47c4f80c87cb617ec473eca015df454ca (patch)
tree	3b0a445994d3fad35ebed41d10316d6d5bdef941
parent	5a6bdf06bbd022db25d9935273b409c337c48a6b (diff)
parent	83c133cf11fb0e68a51681447e372489f052d40e (diff)