CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Konstantin Belousov <kib@FreeBSD.org>
	Sat, 22 May 2021 19:48:36 +0000 (22:48 +0300)
committer	Mark Johnston <markj@FreeBSD.org>
	Wed, 26 May 2021 19:31:22 +0000 (15:31 -0400)
commit	c690965773831b46f84a242b417372fc499302b4
tree	618474237ece16f8164e0bad131d71d27c85118a	tree \| snapshot
parent	22b58630d6ba256242a4622c70c2f68ca6892de2	commit \| diff

amd64: clear PSL.AC in the right frame

If copyin family of routines fault, kernel does clear PSL.AC on the
fault entry, but the AC flag of the faulted frame is kept intact. Since
onfault handler is effectively jump, AC survives until syscall exit.

Approved by: so
Security: FreeBSD-SA-21:11.smap
Security: CVE-2021-29628
Reported by: m00nbsd, via Sony
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
admbugs: 975

(cherry picked from commit 91aae953cb807d6fb7a70782b323bf9beb60d7c9)
(cherry picked from commit 6bbde34ae6088285af9d1cc587249c3e7a0159a9)

sys/amd64/amd64/support.S		diff \| blob \| history
sys/amd64/linux/linux_support.s		diff \| blob \| history
sys/amd64/linux32/linux32_support.s		diff \| blob \| history