From: Andi Kleen <a...@linux.intel.com> Clear the 'extra' registers on entering the 64bit kernel for exceptions and interrupts. The common registers are not cleared since they are likely clobbered well before they can be exploited in a speculative execution attack.
Signed-off-by: Andi Kleen <a...@linux.intel.com> Signed-off-by: Dan Williams <dan.j.willi...@intel.com> --- arch/x86/entry/entry_64.S | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S index 46260e951da6..d73eedf1eb47 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -563,6 +563,7 @@ END(irq_entries_start) ALLOC_PT_GPREGS_ON_STACK SAVE_C_REGS SAVE_EXTRA_REGS + CLEAR_EXTRA_REGS_NOSPEC ENCODE_FRAME_POINTER testb $3, CS(%rsp) @@ -1121,6 +1122,7 @@ ENTRY(xen_failsafe_callback) ALLOC_PT_GPREGS_ON_STACK SAVE_C_REGS SAVE_EXTRA_REGS + CLEAR_EXTRA_REGS_NOSPEC ENCODE_FRAME_POINTER jmp error_exit END(xen_failsafe_callback) @@ -1166,6 +1168,7 @@ ENTRY(paranoid_entry) cld SAVE_C_REGS 8 SAVE_EXTRA_REGS 8 + CLEAR_EXTRA_REGS_NOSPEC ENCODE_FRAME_POINTER 8 movl $1, %ebx movl $MSR_GS_BASE, %ecx @@ -1218,6 +1221,7 @@ ENTRY(error_entry) cld SAVE_C_REGS 8 SAVE_EXTRA_REGS 8 + CLEAR_EXTRA_REGS_NOSPEC ENCODE_FRAME_POINTER 8 xorl %ebx, %ebx testb $3, CS+8(%rsp) @@ -1416,6 +1420,7 @@ ENTRY(nmi) pushq %r14 /* pt_regs->r14 */ pushq %r15 /* pt_regs->r15 */ UNWIND_HINT_REGS + CLEAR_EXTRA_REGS_NOSPEC ENCODE_FRAME_POINTER /*
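Review bot: The added `CLEAR_EXTRA_REGS_NOSPEC` line in the interrupt entry path (the hunk after `END(irq_entries_start)`) has no comment, although its position matters. It has to follow `SAVE_EXTRA_REGS`, so that the interrupted context's values are already in pt_regs. It also has to precede `ENCODE_FRAME_POINTER`, whose result would be wiped if the macro zeroes %rbp; the macro body is not part of this diff, so that is an assumption to confirm. I would add above it `/* Extra regs are saved in pt_regs above; zero them so values from the interrupted context are not usable by speculative execution. Keep before ENCODE_FRAME_POINTER. */`. The same placement recurs in the xen_failsafe_callback, paranoid_entry, error_entry and nmi hunks, so the comment could instead be written once at the macro definition. The enclosing entry code starts and ends outside the hunk.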
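Review bot: In the paranoid_entry hunk the macro is invoked without the `8` offset that `SAVE_C_REGS 8`, `SAVE_EXTRA_REGS 8` and `ENCODE_FRAME_POINTER 8` all take there. That is correct only if `CLEAR_EXTRA_REGS_NOSPEC` touches registers and never addresses the stack. Its definition is not in this diff, so this should be confirmed and recorded, for example as `/* register-only, so no pt_regs offset argument */`. If the macro zeroes %rbx, the `movl $1, %ebx` that follows (and `xorl %ebx, %ebx` in the error_entry hunk) rewrites it at once; the explicit writes should stay so the value in %ebx never depends on the mitigation macro. Both functions continue outside their hunks.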