Commit 64adf22

pa1gupta authored and gregkh committed
x86/entry_32: Clear CPU buffers after register restore in NMI return
commit 48a2440 upstream.

CPU buffers are currently cleared after call to exc_nmi, but before register state is restored. This may be okay for MDS mitigation but not for RDFS. Because RDFS mitigation requires CPU buffers to be cleared when registers don't have any sensitive data.

Move CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI.

Fixes: a0e2dab ("x86/entry_32: Add VERW just before userspace transition")
Suggested-by: Dave Hansen <[email protected]>
Signed-off-by: Pawan Gupta <[email protected]>
Signed-off-by: Dave Hansen <[email protected]>
Cc:[email protected]
Link: https://lore.kernel.org/all/20240925-fix-dosemu-vm86-v7-2-1de0daca2d42%40linux.intel.com
Signed-off-by: Greg Kroah-Hartman <[email protected]>
1 parent 8a9e3d7 commit 64adf22

1 file changed

+2
-1
lines changed

arch/x86/entry/entry_32.S

Lines changed: 2 additions & 1 deletion
@@ -1145,7 +1145,6 @@ SYM_CODE_START(asm_exc_nmi)
11451145

11461146
/* Not on SYSENTER stack. */
11471147
call exc_nmi
1148-
CLEAR_CPU_BUFFERS
11491148
jmp .Lnmi_return
11501149

11511150
.Lnmi_from_sysenter_stack:
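Review bot: With the CLEAR_CPU_BUFFERS after call exc_nmi removed, this path depends entirely on what sits behind jmp .Lnmi_return to clear the buffers, and the hunk does not show that every exit reached from there does so. Please confirm that each return-to-user path out of asm_exc_nmi, including the one entered at .Lnmi_from_sysenter_stack just below, passes one of the relocated CLEAR_CPU_BUFFERS sites, and record that in a comment at .Lnmi_return or in the commit message.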
@@ -1166,6 +1165,7 @@ SYM_CODE_START(asm_exc_nmi)
11661165

11671166
CHECK_AND_APPLY_ESPFIX
11681167
RESTORE_ALL_NMI cr3_reg=%edi pop=4
1168+
CLEAR_CPU_BUFFERS
11691169
jmp .Lirq_return
11701170

11711171
#ifdef CONFIG_X86_ESPFIX32
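Review bot: The new CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI cr3_reg=%edi pop=4 carries an ordering requirement that nothing in the code records. The commit message explains that the clear has to run once registers no longer hold sensitive data, so a one-line comment above the macro saying it must stay after the register restore would keep a later cleanup from moving it back above RESTORE_ALL_NMI. Since it now sits between the restore and jmp .Lirq_return, it is also worth stating that the macro leaves the just-restored registers untouched.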
@@ -1207,6 +1207,7 @@ SYM_CODE_START(asm_exc_nmi)
12071207
* 1 - orig_ax
12081208
*/
12091209
lss (1+5+6)*4(%esp), %esp # back to espfix stack
1210+
CLEAR_CPU_BUFFERS
12101211
jmp .Lirq_return
12111212
#endif
12121213
SYM_CODE_END(asm_exc_nmi)
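Review bot: On the espfix path the clear now runs after lss (1+5+6)*4(%esp), %esp, that is, once execution is back on the espfix stack, and the hunk does not say whether CLEAR_CPU_BUFFERS is safe in that state. Please confirm the macro neither touches the stack nor relies on kernel segment values at this point. Because this site is compiled only under CONFIG_X86_ESPFIX32 (the #endif closes right after it), it needs its own test run with that option enabled, separate from the RESTORE_ALL_NMI site.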