From: Greg Kroah-Hartman Date: Sun, 15 Oct 2017 14:34:10 +0000 (+0200) Subject: 4.4-stable patches X-Git-Tag: v3.18.76~7 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4df49169812e5c7bc0f09f8c50ba4a1d28409247;p=thirdparty%2Fkernel%2Fstable-queue.git 4.4-stable patches added patches: x86-alternatives-fix-alt_max_short-macro-to-really-be-a-max.patch --- diff --git a/queue-4.4/series b/queue-4.4/series index 2bf0985bf9e..6e13699545a 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -25,3 +25,4 @@ usb-serial-cp210x-add-support-for-elv-tfd500.patch usb-serial-option-add-support-for-tp-link-lte-module.patch usb-serial-qcserial-add-dell-dw5818-dw5819.patch usb-serial-console-fix-use-after-free-after-failed-setup.patch +x86-alternatives-fix-alt_max_short-macro-to-really-be-a-max.patch diff --git a/queue-4.4/x86-alternatives-fix-alt_max_short-macro-to-really-be-a-max.patch b/queue-4.4/x86-alternatives-fix-alt_max_short-macro-to-really-be-a-max.patch new file mode 100644 index 00000000000..cfee83ad2d8 --- /dev/null +++ b/queue-4.4/x86-alternatives-fix-alt_max_short-macro-to-really-be-a-max.patch @@ -0,0 +1,79 @@ +From 6b32c126d33d5cb379bca280ab8acedc1ca978ff Mon Sep 17 00:00:00 2001 +From: Mathias Krause +Date: Thu, 5 Oct 2017 20:30:12 +0200 +Subject: x86/alternatives: Fix alt_max_short macro to really be a max() + +From: Mathias Krause + +commit 6b32c126d33d5cb379bca280ab8acedc1ca978ff upstream. + +The alt_max_short() macro in asm/alternative.h does not work as +intended, leading to nasty bugs. E.g. alt_max_short("1", "3") +evaluates to 3, but alt_max_short("3", "1") evaluates to 1 -- not +exactly the maximum of 1 and 3. + +In fact, I had to learn it the hard way by crashing my kernel in not +so funny ways by attempting to make use of the ALTENATIVE_2 macro +with alternatives where the first one was larger than the second +one. + +According to [1] and commit dbe4058a6a44 ("x86/alternatives: Fix +ALTERNATIVE_2 padding generation properly") the right handed side +should read "-(-(a < b))" not "-(-(a - b))". Fix that, to make the +macro work as intended. + +While at it, fix up the comments regarding the additional "-", too. +It's not about gas' usage of s32 but brain dead logic of having a +"true" value of -1 for the < operator ... *sigh* + +Btw., the one in asm/alternative-asm.h is correct. And, apparently, +all current users of ALTERNATIVE_2() pass same sized alternatives, +avoiding to hit the bug. + +[1] http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax + +Reviewed-and-tested-by: Borislav Petkov +Fixes: dbe4058a6a44 ("x86/alternatives: Fix ALTERNATIVE_2 padding generation properly") +Signed-off-by: Mathias Krause +Signed-off-by: Thomas Gleixner +Cc: Borislav Petkov +Link: https://lkml.kernel.org/r/1507228213-13095-1-git-send-email-minipli@googlemail.com +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/include/asm/alternative-asm.h | 4 +++- + arch/x86/include/asm/alternative.h | 6 +++--- + 2 files changed, 6 insertions(+), 4 deletions(-) + +--- a/arch/x86/include/asm/alternative-asm.h ++++ b/arch/x86/include/asm/alternative-asm.h +@@ -62,8 +62,10 @@ + #define new_len2 145f-144f + + /* +- * max without conditionals. Idea adapted from: ++ * gas compatible max based on the idea from: + * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax ++ * ++ * The additional "-" is needed because gas uses a "true" value of -1. + */ + #define alt_max_short(a, b) ((a) ^ (((a) ^ (b)) & -(-((a) < (b))))) + +--- a/arch/x86/include/asm/alternative.h ++++ b/arch/x86/include/asm/alternative.h +@@ -102,12 +102,12 @@ static inline int alternatives_text_rese + alt_end_marker ":\n" + + /* +- * max without conditionals. Idea adapted from: ++ * gas compatible max based on the idea from: + * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax + * +- * The additional "-" is needed because gas works with s32s. ++ * The additional "-" is needed because gas uses a "true" value of -1. + */ +-#define alt_max_short(a, b) "((" a ") ^ (((" a ") ^ (" b ")) & -(-((" a ") - (" b ")))))" ++#define alt_max_short(a, b) "((" a ") ^ (((" a ") ^ (" b ")) & -(-((" a ") < (" b ")))))" + + /* + * Pad the second replacement alternative with additional NOPs if it is