From cc08a7f9e5b23006f795222643d6887619cc6bc5 Mon Sep 17 00:00:00 2001 From: Julien Thierry Date: Wed, 13 Feb 2019 19:53:27 +0800 Subject: [PATCH] arm64: Use daifflag_restore after bp_hardening mainline inclusion from mainline-v4.20-rc1 commit 9a0c032825e073e002ee80cf2577431d7296a7f7 category: bugfix bugzilla: 9291 CVE: NA -------------------------------- For EL0 entries requiring bp_hardening, daif status is kept at DAIF_PROCCTX_NOIRQ until after hardening has been done. Then interrupts are enabled through local_irq_enable(). Before using local_irq_* functions, daifflags should be properly restored to a state where IRQs are enabled. Enable IRQs by restoring DAIF_PROCCTX state after bp hardening. Acked-by: James Morse Signed-off-by: Julien Thierry Cc: Will Deacon Cc: Mark Rutland Signed-off-by: Catalin Marinas Signed-off-by: Wei Li Reviewed-by: Hanjun Guo Signed-off-by: Yang Yingliang --- arch/arm64/mm/fault.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c index 97ba2ba78aee..babd2d5abcb4 100644 --- a/arch/arm64/mm/fault.c +++ b/arch/arm64/mm/fault.c @@ -37,6 +37,7 @@ #include #include #include +#include #include #include #include @@ -780,7 +781,7 @@ asmlinkage void __exception do_el0_ia_bp_hardening(unsigned long addr, if (addr > TASK_SIZE) arm64_apply_bp_hardening(); - local_irq_enable(); + local_daif_restore(DAIF_PROCCTX); do_mem_abort(addr, esr, regs); } @@ -794,7 +795,7 @@ asmlinkage void __exception do_sp_pc_abort(unsigned long addr, if (user_mode(regs)) { if (instruction_pointer(regs) > TASK_SIZE) arm64_apply_bp_hardening(); - local_irq_enable(); + local_daif_restore(DAIF_PROCCTX); } clear_siginfo(&info); -- GitLab