UBUNTU: SAUCE: rfi-flush: Expand the RFI section to two nop slots

CVE-2017-5754 BugLink: http://bugs.launchpad.net/bugs/1742772Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>

UBUNTU: SAUCE: rfi-flush: Expand the RFI section to two nop slots
CVE-2017-5754 BugLink: http://bugs.launchpad.net/bugs/1742772Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
00d9e152 · Michael Ellerman · Marcelo Henrique Cerri · e1f3564b · 00d9e152 · 00d9e152
Commit 00d9e152 authored Jan 05, 2018 by Michael Ellerman Committed by Marcelo Henrique Cerri Jan 12, 2018
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

arch/powerpc/include/asm/exception-64s.h arch/powerpc/include/asm/exception-64s.h +2 -0

arch/powerpc/lib/feature-fixups.c arch/powerpc/lib/feature-fixups.c +2 -1

No files found.
--- a/arch/powerpc/include/asm/exception-64s.h
+++ b/arch/powerpc/include/asm/exception-64s.h
@@ -58,10 +58,12 @@
 */
 #define PREPARE_RFI_TO_USER						\
 	RFI_FLUSH_FIXUP_SECTION;					\
+	nop;								\
 	nop

 #define PREPARE_RFI_TO_GUEST						\
 	RFI_FLUSH_FIXUP_SECTION;					\
+	nop;								\
 	nop

 #ifdef CONFIG_PPC_DEBUG_RFI

--- a/arch/powerpc/lib/feature-fixups.c
+++ b/arch/powerpc/lib/feature-fixups.c
@@ -142,7 +142,8 @@ void do_rfi_flush_fixups(enum l1d_flush_type types)
 		dest = (void *)start + *start;

 		pr_devel("patching dest %lx\n", (unsigned long)dest);
-		patch_instruction(dest, instr);
+		patch_instruction(dest, 0x60000000);
+		patch_instruction(dest + 1, instr);
 	}

 	printk(KERN_DEBUG "rfi-fixups: patched %d locations\n", i);