author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-14 11:01:47 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-14 11:01:47 -0500 |
commit | cbf0ec6ee001ab89471397ac84105b2e3b2fd986 (patch) | |
tree | c5962763cc47cc36b4c1ff1c4c56b96b256a4657 | |
parent | ceb2ca9cb0bfd885127fa9a2c27127b3fe1c8f28 (diff) |
Revert "[PATCH] x86-64: Fix up handling of non canonical user RIPs"
This reverts commit c33d4568aca9028a22857f94f5e0850012b6444b.
Andrew Clayton and Hugh Dickins report that it's broken for them and
causes strange page table and slab corruption, and spontaneous reboots.
Let's get it right next time.
Cc: Andrew Clayton <andrew@rootshell.co.uk>
Cc: Hugh Dickins <hugh@veritas.com>
Cc: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r-- | arch/x86_64/kernel/entry.S | 29 |
1 files changed, 18 insertions, 11 deletions
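--- a/arch/x86_64/kernel/entry.S
+++ b/arch/x86_64/kernel/entry.S
@@ -178,12 +178,6 @@ rff_trace:
  * Interrupts are off on entry.
  * Only called from user space.
  *
- * EM64T CPUs have somewhat weird error reporting for non canonical RIPs in SYSRET.
- * We can't handle any exceptions there because the exception handler would
- * end up running on the user stack which is unsafe. To avoid problems
- * any code that might end up with a user touched pt_regs should return
- * using int_ret_from_syscall.
- *
  * XXX if we had a free scratch register we could save the RSP into the stack frame
  * and report it properly in ps. Unfortunately we haven't.
  */
@@ -260,9 +254,7 @@ sysret_signal:
 	xorl %esi,%esi # oldset -> arg2
 	call ptregscall_common
 1:	movl $_TIF_NEED_RESCHED,%edi
-	/* Stack frame might have been changed. The IRET path does
-	some additional checks to handle this */
-	jmp int_with_check
+	jmp sysret_check
 
 badsys:
 	movq $-ENOSYS,RAX-ARGOFFSET(%rsp)
@@ -288,8 +280,7 @@ tracesys:
 	call syscall_trace_leave
 	RESTORE_TOP_OF_STACK %rbx
 	RESTORE_REST
-	/* Stack frame might have been changed. Use the more careful IRET path */
-	jmp int_ret_from_sys_call
+	jmp ret_from_sys_call
 	CFI_ENDPROC
 
 /*
@@ -417,9 +408,25 @@ ENTRY(stub_execve)
 	CFI_ADJUST_CFA_OFFSET -8
 	CFI_REGISTER rip, r11
 	SAVE_REST
+	movq %r11, %r15
+	CFI_REGISTER rip, r15
 	FIXUP_TOP_OF_STACK %r11
 	call sys_execve
+	GET_THREAD_INFO(%rcx)
+	bt $TIF_IA32,threadinfo_flags(%rcx)
+	CFI_REMEMBER_STATE
+	jc exec_32bit
 	RESTORE_TOP_OF_STACK %r11
+	movq %r15, %r11
+	CFI_REGISTER rip, r11
+	RESTORE_REST
+	pushq %r11
+	CFI_ADJUST_CFA_OFFSET 8
+	CFI_REL_OFFSET rip, 0
+	ret
+
+exec_32bit:
+	CFI_RESTORE_STATE
 	movq %rax,RAX(%rsp)
 	RESTORE_REST
 	jmp int_ret_from_sys_call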
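Review bot: The reinstated 64-bit return path in stub_execve (new lines 419–426) leaves with a plain `ret` into the caller's normal syscall exit, which I take to end in SYSRET, with the saved pt_regs presumably just rewritten by sys_execve for the new image; the hazard the deleted header comment described — a non-canonical RIP faulting inside SYSRET with the user RSP already loaded — is therefore back, and nothing in this hunk guards against it. Since the commit message explicitly defers the real fix, the new code should at least carry a marker so the next attempt starts from the right place, e.g. `/* XXX: returns via the fast sysret path with regs rewritten by sys_execve; non-canonical RIP handling (see reverted c33d4568) still open */` above `RESTORE_TOP_OF_STACK %r11` at new line 419. The same caveat applies to the tracesys hunk, where `jmp ret_from_sys_call` now directly follows `call syscall_trace_leave` even though a tracer may have altered the saved registers in between. ENTRY(stub_execve) begins before this hunk and its CFI_ENDPROC lies after it.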