Andy Lutomirski <[email protected]> writes:
> Rusty noticed a Really Bad Bug (tm) in my NT fix. The entry code
> reads out of bounds, causing the NT fix to be unreliable. But, and
> this is much, much worse, if your stack is somehow just below the
> top of the direct map (or a hole), you read out of bounds and crash.
>
> Excerpt from the crash:
>
> > [ 1.129513] RSP: 0018:ffff88001da4bf88 EFLAGS: 00010296
>
> > 2b:* f7 84 24 90 00 00 00 testl $0x4000,0x90(%rsp)
>
> That read is deterministically above the top of the stack. I
> thought I even single-stepped through this code when I wrote it to
> check the offset, but I clearly screwed it up.
>
> Fixes 8c7aa698baca x86_64, entry: Filter RFLAGS.NT on entry from userspace
>
> Reported-by: Rusty Russell <[email protected]>
> Cc: [email protected]
> Signed-off-by: Andy Lutomirski <[email protected]>
Tested-by: Rusty Russell <[email protected]>

Thanks for the fast response...

Rusty.
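A small model of the frame-layout mismatch behind this bug, added here as an illustration and not taken from the thread or from the kernel source: it mirrors the x86_64 `struct pt_regs` slot order of that era, treats 0x90 as the `flags` slot of a full frame (the offset the crash excerpt reads), and assumes the entry path had saved only a partial frame beginning at the `r11` slot (`ARGOFFSET`), so the full-frame offset starts 24 bytes above the last byte actually on the stack. The bounds-checked reader shows which of the two offsets stays inside the saved frame.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Slot order of the x86_64 struct pt_regs as the kernels of this thread's era
 * laid it out (assumed here; one 8-byte slot per register). */
struct pt_regs {
    uint64_t r15, r14, r13, r12, bp, bx;   /* callee-saved; a partial frame skips these */
    uint64_t r11, r10, r9, r8, ax, cx, dx, si, di, orig_ax;
    uint64_t ip, cs, flags, sp, ss;        /* iret frame pushed by the CPU */
};

#define X86_EFLAGS_NT 0x4000u                             /* mask in the crash excerpt */
#define EFLAGS_OFF    offsetof(struct pt_regs, flags)     /* 0x90: the offset that crashed */
#define ARGOFFSET     offsetof(struct pt_regs, r11)       /* 0x30: first slot of a partial frame */
#define PARTIAL_FRAME_BYTES (sizeof(struct pt_regs) - ARGOFFSET)  /* 0x78 bytes actually saved */

/* Model of "testl $X86_EFLAGS_NT, off(%rsp)" with an explicit bound: the frame
 * holds frame_bytes valid bytes above rsp. Returns false (and leaves *nt alone)
 * when the 4-byte read would land past the saved frame, i.e. above the stack top. */
static bool read_nt(const uint8_t *rsp, size_t frame_bytes, size_t off, bool *nt)
{
    uint32_t lo;
    if (off > frame_bytes || frame_bytes - off < sizeof lo)
        return false;
    memcpy(&lo, rsp + off, sizeof lo);
    *nt = (lo & X86_EFLAGS_NT) != 0;
    return true;
}

/* Constructed scenario: a full register set with NT set, but %rsp positioned as
 * it is after a partial save, i.e. at the r11 slot. Returns whether the read at
 * `off` stayed within the saved frame; the NT result lands in *nt on success. */
bool check_nt_on_partial_frame(size_t off, bool *nt)
{
    struct pt_regs regs;
    memset(&regs, 0, sizeof regs);
    regs.flags = 0x202u | X86_EFLAGS_NT;                      /* constructed: IF plus NT */
    const uint8_t *rsp = (const uint8_t *)&regs + ARGOFFSET;  /* partial frame starts here */
    return read_nt(rsp, PARTIAL_FRAME_BYTES, off, nt);
}

int main(void)
{
    bool nt = false;
    printf("full-frame offset 0x%zx on a partial frame: %s\n", (size_t)EFLAGS_OFF,
           check_nt_on_partial_frame(EFLAGS_OFF, &nt) ? "in bounds" : "OUT OF BOUNDS");
    printf("frame-relative offset 0x%zx: %s, NT=%d\n", (size_t)(EFLAGS_OFF - ARGOFFSET),
           check_nt_on_partial_frame(EFLAGS_OFF - ARGOFFSET, &nt) ? "in bounds" : "OUT OF BOUNDS", nt);
    return 0;
}
```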
