diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2016-05-16 16:05:45 -0400 |
|---|---|---|
| committer | Ingo Molnar <mingo@kernel.org> | 2016-05-17 02:25:06 -0400 |
| commit | 683ad8092cd262a02d01377dd17a29d492438b90 (patch) | |
| tree | de519e97f7631dc3eb03e7dee2a7512c6d9e3cea /arch | |
| parent | e8df1a95b685af84a81698199ee206e0e66a8b44 (diff) | |
x86/efi: Fix 7-parameter efi_call()s
Alex Thorlton reported that the SGI/UV code crashes in the efi_call()
code when invoked with 7 parameters, due to:
mov (%rsp), %rax
mov 8(%rax), %rax
...
mov %rax, 40(%rsp)
Offset 8 is only true if CONFIG_FRAME_POINTERS is disabled,
with frame pointers enabled it should be 16.
Furthermore, the SAVE_XMM code saves the old stack pointer, but
that's just crazy. It saves the stack pointer *AFTER* we've done
the:
FRAME_BEGIN
... which will have *changed* the stack pointer, depending on whether
stack frames are enabled or not.
So when the code then does:
mov (%rsp), %rax
... we now move that old stack pointer into %rax, but the offset off that
stack pointer will depend on whether that FRAME_BEGIN saved off %rbp
or not.
So that whole 8-vs-16 offset confusion depends on the frame pointer!
If frame pointers were enabled, it will be 16. If they weren't, it
will be 8.
The right fix is to just get rid of that silly conditional frame
pointer thing, and always use frame pointers in this stub function.
And then we don't need that (odd) load to get the old stack
pointer into %rax - we can just use the frame pointer.
Reported-by: Alex Thorlton <athorlton@sgi.com>
Tested-by: Alex Thorlton <athorlton@sgi.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Link: http://lkml.kernel.org/r/CA%2B55aFzBS2v%3DWnEH83cUDg7XkOremFqJ30BJwF40dCYjReBkUQ@mail.gmail.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'arch')
| -rw-r--r-- | arch/x86/platform/efi/efi_stub_64.S | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/arch/x86/platform/efi/efi_stub_64.S b/arch/x86/platform/efi/efi_stub_64.S index 92723aeae0f9..cd95075944ab 100644 --- a/arch/x86/platform/efi/efi_stub_64.S +++ b/arch/x86/platform/efi/efi_stub_64.S | |||
| @@ -11,7 +11,6 @@ | |||
| 11 | #include <asm/msr.h> | 11 | #include <asm/msr.h> |
| 12 | #include <asm/processor-flags.h> | 12 | #include <asm/processor-flags.h> |
| 13 | #include <asm/page_types.h> | 13 | #include <asm/page_types.h> |
| 14 | #include <asm/frame.h> | ||
| 15 | 14 | ||
| 16 | #define SAVE_XMM \ | 15 | #define SAVE_XMM \ |
| 17 | mov %rsp, %rax; \ | 16 | mov %rsp, %rax; \ |
| @@ -40,10 +39,10 @@ | |||
| 40 | mov (%rsp), %rsp | 39 | mov (%rsp), %rsp |
| 41 | 40 | ||
| 42 | ENTRY(efi_call) | 41 | ENTRY(efi_call) |
| 43 | FRAME_BEGIN | 42 | pushq %rbp |
| 43 | movq %rsp, %rbp | ||
| 44 | SAVE_XMM | 44 | SAVE_XMM |
| 45 | mov (%rsp), %rax | 45 | mov 16(%rbp), %rax |
| 46 | mov 8(%rax), %rax | ||
| 47 | subq $48, %rsp | 46 | subq $48, %rsp |
| 48 | mov %r9, 32(%rsp) | 47 | mov %r9, 32(%rsp) |
| 49 | mov %rax, 40(%rsp) | 48 | mov %rax, 40(%rsp) |
| @@ -53,6 +52,6 @@ ENTRY(efi_call) | |||
| 53 | call *%rdi | 52 | call *%rdi |
| 54 | addq $48, %rsp | 53 | addq $48, %rsp |
| 55 | RESTORE_XMM | 54 | RESTORE_XMM |
| 56 | FRAME_END | 55 | popq %rbp |
| 57 | ret | 56 | ret |
| 58 | ENDPROC(efi_call) | 57 | ENDPROC(efi_call) |