From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Thu, 14 Jul 2022 08:30:44 +0000 (+0200)
Subject: 5.15-stable patches
X-Git-Tag: v5.18.12~14
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0f3ee53c9588036b8be259baa95419c7a8a633bb;p=thirdparty%2Fkernel%2Fstable-queue.git

5.15-stable patches

added patches:
	x86-xen-fix-initialisation-in-hypercall_page-after-rethunk.patch
---

diff --git a/queue-5.15/series b/queue-5.15/series
index 30e3b622968..b1058aeeb5c 100644
--- a/queue-5.15/series
+++ b/queue-5.15/series
@@ -76,3 +76,4 @@ x86-bugs-do-not-enable-ibpb-on-entry-when-ibpb-is-not-supported.patch
 x86-kexec-disable-ret-on-kexec.patch
 x86-speculation-disable-rrsba-behavior.patch
 x86-static_call-serialize-__static_call_fixup-properly.patch
+x86-xen-fix-initialisation-in-hypercall_page-after-rethunk.patch
diff --git a/queue-5.15/x86-xen-fix-initialisation-in-hypercall_page-after-rethunk.patch b/queue-5.15/x86-xen-fix-initialisation-in-hypercall_page-after-rethunk.patch
new file mode 100644
index 00000000000..232320d2fc8
--- /dev/null
+++ b/queue-5.15/x86-xen-fix-initialisation-in-hypercall_page-after-rethunk.patch
@@ -0,0 +1,34 @@
+From foo@baz Thu Jul 14 10:26:50 AM CEST 2022
+Date: Thu, 14 Jul 2022 00:50:16 +0200
+To: Greg KH <gregkh@linuxfoundation.org>
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Thu, 14 Jul 2022 00:39:33 +0200
+Subject: x86/xen: Fix initialisation in hypercall_page after rethunk
+
+From: Ben Hutchings <ben@decadent.org.uk>
+
+The hypercall_page is special and the RETs there should not be changed
+into rethunk calls (but can have SLS mitigation).  Change the initial
+instructions to ret + int3 padding, as was done in upstream commit
+5b2fc51576ef "x86/ibt,xen: Sprinkle the ENDBR".
+
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/xen/xen-head.S |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/arch/x86/xen/xen-head.S
++++ b/arch/x86/xen/xen-head.S
+@@ -69,9 +69,9 @@ SYM_CODE_END(asm_cpu_bringup_and_idle)
+ SYM_CODE_START(hypercall_page)
+ 	.rept (PAGE_SIZE / 32)
+ 		UNWIND_HINT_FUNC
+-		.skip 31, 0x90
+ 		ANNOTATE_UNRET_SAFE
+-		RET
++		ret
++		.skip 31, 0xcc
+ 	.endr
+ 
+ #define HYPERCALL(n) \