1 files changed, 16 insertions, 8 deletions

diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
index bea8474744ff..c7341e81941c 100644
--- a/arch/x86/kernel/entry_64.S
+++ b/arch/x86/kernel/entry_64.S
@@ -582,7 +582,6 @@ retint_restore_args:	/* return to kernel space */
         TRACE_IRQS_IRETQ
 restore_args:
         RESTORE_ARGS 0,8,0                                              
-iret_label:     
 #ifdef CONFIG_PARAVIRT
         INTERRUPT_RETURN
 #endif
@@ -593,13 +592,22 @@ ENTRY(native_iret)
         .quad native_iret, bad_iret
         .previous
         .section .fixup,"ax"
-        /* force a signal here? this matches i386 behaviour */
-        /* running with kernel gs */
 bad_iret:
-        movq $11,%rdi   /* SIGSEGV */
-        TRACE_IRQS_ON
-        ENABLE_INTERRUPTS(CLBR_ANY | ~(CLBR_RDI))
-        jmp do_exit
+        /*
+         * The iret traps when the %cs or %ss being restored is bogus.
+         * We've lost the original trap vector and error code.
+         * #GPF is the most likely one to get for an invalid selector.
+         * So pretend we completed the iret and took the #GPF in user mode.
+         *
+         * We are now running with the kernel GS after exception recovery.
+         * But error_entry expects us to have user GS to match the user %cs,
+         * so swap back.
+         */
+        pushq $0
+
+        SWAPGS
+        jmp general_protection
+
         .previous
 
         /* edi: workmask, edx: work */
@@ -911,7 +919,7 @@ error_kernelspace:
            iret run with kernel gs again, so don't set the user space flag.
            B stepping K8s sometimes report an truncated RIP for IRET 
            exceptions returning to compat mode. Check for these here too. */
-        leaq iret_label(%rip),%rbp
+        leaq native_iret(%rip),%rbp
         cmpq %rbp,RIP(%rsp) 
         je   error_swapgs
         movl %ebp,%ebp  /* zero extend */