2015-02-26 14:09:17

by Denys Vlasenko

Subject: [PATCH] x86: fix a bug introduced by "allocate full pt_regs" commit

If syscall_trace_enter_phase1 returns 0,
the code restores %rax from pt_regs->ax, but should restore it from
pt_regs->orig_ax.

The bug crept in because the LOAD_ARGS macro was very subtly different
from RESTORE_ARGS; it had only two callsites and only this one
was using that difference.

Signed-off-by: Denys Vlasenko <[email protected]>
CC: Linus Torvalds <[email protected]>
CC: Steven Rostedt <[email protected]>
CC: Ingo Molnar <[email protected]>
CC: Borislav Petkov <[email protected]>
CC: "H. Peter Anvin" <[email protected]>
CC: Andy Lutomirski <[email protected]>
CC: Oleg Nesterov <[email protected]>
CC: Frederic Weisbecker <[email protected]>
CC: Alexei Starovoitov <[email protected]>
CC: Will Drewry <[email protected]>
CC: Kees Cook <[email protected]>
CC: [email protected]
CC: [email protected]
---
arch/x86/kernel/entry_64.S | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
index da61974..519498d 100644
--- a/arch/x86/kernel/entry_64.S
+++ b/arch/x86/kernel/entry_64.S
@@ -316,7 +316,8 @@ tracesys:
call syscall_trace_enter_phase1
test %rax, %rax
jnz tracesys_phase2 /* if needed, run the slow path */
- RESTORE_C_REGS /* else restore clobbered regs */
+ RESTORE_C_REGS_EXCEPT_RAX /* else restore clobbered regs */
+ movq ORIG_RAX(%rsp), %rax
jmp system_call_fastpath /* and return to the fast path */

tracesys_phase2:
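Review bot: the reason RAX is reloaded from ORIG_RAX(%rsp) rather than from pt_regs->ax lives only in the commit message; the `test %rax, %rax` two lines up shows RAX currently holds syscall_trace_enter_phase1's return value, so the syscall number has to come back from orig_ax, and a reader of the asm alone cannot tell why this callsite differs from every other RESTORE_C_REGS user. Suggest a one-line comment on the new `movq ORIG_RAX(%rsp), %rax`, e.g. `/* reload syscall nr: pt_regs->ax is not it */`, and rewording the inherited `/* else restore clobbered regs */` so it does not read as if RAX is left unrestored.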
--
1.8.1.4

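The commit message says where RAX must be reloaded from but not why it matters. The following is an added C model of the traced-syscall path, not kernel code and not part of this thread: `struct frame`, `trace_phase1()`, `restore_buggy()`, `restore_fixed()` and `dispatch()` are hypothetical stand-ins for pt_regs, syscall_trace_enter_phase1, RESTORE_C_REGS, RESTORE_C_REGS_EXCEPT_RAX plus the `movq ORIG_RAX(%rsp), %rax` reload, and system_call_fastpath. It assumes, as background from the real entry code rather than from this page, that syscall entry saves the syscall number in pt_regs->orig_ax and pre-seeds pt_regs->ax with -ENOSYS; under that assumption the buggy restore hands the fast path -ENOSYS as the syscall number.

```c
/* Added example: a userspace model of the x86-64 traced-syscall path.
 * Hypothetical stand-ins, not kernel code (see lead-in). */
#include <errno.h>
#include <stdio.h>

#define NR_WRITE     1   /* __NR_write on x86-64, used as sample input */
#define MAX_SYSCALL  3   /* tiny pretend syscall table size */

/* Saved-register frame on the kernel stack (stand-in for pt_regs).
 * Assumption: entry stores the syscall nr in orig_ax and seeds ax
 * with -ENOSYS, the slot that later becomes the return value. */
struct frame {
    long ax;
    long orig_ax;
};

/* Live register file; only RAX is modelled. */
struct cpu {
    long rax;
};

/* Stand-in for the SYSCALL entry: RAX carries the syscall number. */
static void syscall_entry(struct cpu *c, struct frame *f, long nr)
{
    c->rax = nr;
    f->orig_ax = c->rax;   /* pt_regs->orig_ax = syscall nr */
    f->ax = -ENOSYS;       /* pt_regs->ax pre-seeded (assumption) */
}

/* Stand-in for syscall_trace_enter_phase1(): a C function returns its
 * result in RAX, so the syscall number in RAX is clobbered. 0 means
 * "no slow path needed", the case the patch fixes. */
static void trace_phase1(struct cpu *c)
{
    c->rax = 0;
}

/* Buggy restore: RESTORE_C_REGS reloads RAX from pt_regs->ax. */
static void restore_buggy(struct cpu *c, const struct frame *f)
{
    c->rax = f->ax;
}

/* Fixed restore: RESTORE_C_REGS_EXCEPT_RAX, then movq ORIG_RAX(%rsp),%rax. */
static void restore_fixed(struct cpu *c, const struct frame *f)
{
    c->rax = f->orig_ax;
}

/* Stand-in for system_call_fastpath: RAX is taken as the syscall number
 * and bounds-checked (unsigned compare, as the real entry code does). */
static long dispatch(const struct cpu *c)
{
    if ((unsigned long)c->rax >= MAX_SYSCALL)
        return -ENOSYS;    /* bad syscall number */
    return c->rax;         /* syscall nr that would be dispatched */
}

/* Run the traced path with one restore variant and report what the fast
 * path sees as the syscall number (or -ENOSYS if it rejects it). */
long traced_syscall(long nr, int fixed)
{
    struct cpu c;
    struct frame f;

    syscall_entry(&c, &f, nr);
    trace_phase1(&c);
    if (fixed)
        restore_fixed(&c, &f);
    else
        restore_buggy(&c, &f);
    return dispatch(&c);
}

int main(void)
{
    printf("buggy RESTORE_C_REGS:            fast path sees %ld\n",
           traced_syscall(NR_WRITE, 0));
    printf("RESTORE_C_REGS_EXCEPT_RAX + orig: fast path sees %ld\n",
           traced_syscall(NR_WRITE, 1));
    return 0;
}
```

The same distinction is observable from userspace with ptrace: at a syscall-entry stop, PTRACE_GETREGS reports the syscall number in `orig_rax` while `rax` holds the pre-seeded -ENOSYS, which is exactly the pair of slots the two RESTORE variants read.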

2015-02-26 15:10:49

by Andy Lutomirski

Subject: Re: [PATCH] x86: fix a bug introduced by "allocate full pt_regs" commit

On Thu, Feb 26, 2015 at 6:08 AM, Denys Vlasenko <[email protected]> wrote:
> If syscall_trace_enter_phase1 returns 0,
> the code restores %rax from pt_regs->ax, but should restore it from
> pt_regs->orig_ax.
>
> The bug crept in because the LOAD_ARGS macro was very subtly different
> from RESTORE_ARGS; it had only two callsites and only this one
> was using that difference.

I folded this into the original patch to avoid breaking bisection. I
put the missing -ARGOFFSET in and then removed it again in the
appropriate place later in the series.

--Andy