aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--arch/i386/kernel/entry.S3
-rw-r--r--arch/i386/kernel/process.c12
2 files changed, 14 insertions, 1 deletions
diff --git a/arch/i386/kernel/entry.S b/arch/i386/kernel/entry.S
index 1e45ff292bc9..3c73dc865ead 100644
--- a/arch/i386/kernel/entry.S
+++ b/arch/i386/kernel/entry.S
@@ -245,6 +245,9 @@ syscall_exit:
245 245
246restore_all: 246restore_all:
247 movl EFLAGS(%esp), %eax # mix EFLAGS, SS and CS 247 movl EFLAGS(%esp), %eax # mix EFLAGS, SS and CS
248 # Warning: OLDSS(%esp) contains the wrong/random values if we
249 # are returning to the kernel.
250 # See comments in process.c:copy_thread() for details.
248 movb OLDSS(%esp), %ah 251 movb OLDSS(%esp), %ah
249 movb CS(%esp), %al 252 movb CS(%esp), %al
250 andl $(VM_MASK | (4 << 8) | 3), %eax 253 andl $(VM_MASK | (4 << 8) | 3), %eax
diff --git a/arch/i386/kernel/process.c b/arch/i386/kernel/process.c
index c36fedf40e95..36145efc61b5 100644
--- a/arch/i386/kernel/process.c
+++ b/arch/i386/kernel/process.c
@@ -405,7 +405,17 @@ int copy_thread(int nr, unsigned long clone_flags, unsigned long esp,
405 childregs->esp = esp; 405 childregs->esp = esp;
406 406
407 p->thread.esp = (unsigned long) childregs; 407 p->thread.esp = (unsigned long) childregs;
408 p->thread.esp0 = (unsigned long) (childregs+1); 408 /*
409 * The below -8 is to reserve 8 bytes on top of the ring0 stack.
410 * This is necessary to guarantee that the entire "struct pt_regs"
411 * is accessable even if the CPU haven't stored the SS/ESP registers
412 * on the stack (interrupt gate does not save these registers
413 * when switching to the same priv ring).
414 * Therefore beware: accessing the xss/esp fields of the
415 * "struct pt_regs" is possible, but they may contain the
416 * completely wrong values.
417 */
418 p->thread.esp0 = (unsigned long) (childregs+1) - 8;
409 419
410 p->thread.eip = (unsigned long) ret_from_fork; 420 p->thread.eip = (unsigned long) ret_from_fork;
411 421