x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)
[pandora-kernel.git] / arch / x86 / kernel / entry_32.S
index d2d488b..db090f6 100644 (file)
@@ -427,9 +427,10 @@ sysenter_past_esp:
        jnz sysenter_audit
 sysenter_do_call:
        cmpl $(nr_syscalls), %eax
-       jae syscall_badsys
+       jae sysenter_badsys
        call *sys_call_table(,%eax,4)
        movl %eax,PT_EAX(%esp)
+sysenter_after_call:
        LOCKDEP_SYS_EXIT
        DISABLE_INTERRUPTS(CLBR_ANY)
        TRACE_IRQS_OFF
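Review bot: The new `sysenter_after_call` label sits after `movl %eax,PT_EAX(%esp)`, so the normal path arrives with %eax and the saved PT_EAX slot in agreement, but `sysenter_badsys` (second hunk) jumps here having written -ENOSYS only to PT_EAX while %eax still holds the out-of-range syscall number. If the sysenter exit path below this hunk hands %eax back from the register rather than reloading it from the saved frame, the caller would receive the bogus number instead of -ENOSYS. Moving the label one line up, before the store, and having the stub do `movl $-ENOSYS,%eax` would let both paths share the single store and keep the register and the frame consistent. The exit sequence is outside the hunk, so this needs checking against it.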
@@ -681,7 +682,12 @@ END(syscall_fault)
 
 syscall_badsys:
        movl $-ENOSYS,PT_EAX(%esp)
-       jmp resume_userspace
+       jmp syscall_exit
+END(syscall_badsys)
+
+sysenter_badsys:
+       movl $-ENOSYS,PT_EAX(%esp)
+       jmp sysenter_after_call
 END(syscall_badsys)
        CFI_ENDPROC
 /*
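Review bot: The `END(syscall_badsys)` that closes the new `sysenter_badsys` stub duplicates the one added a few lines above it, so `syscall_badsys` is ended twice and `sysenter_badsys` gets no END annotation of its own. The second one should read `END(sysenter_badsys)`, otherwise the symbol metadata emitted for these two labels is presumably wrong. A short comment above the stub would also help, for example `/* sysenter entry: rejoin at sysenter_after_call so the syscall exit work still runs */`, since the only visible difference between the two stubs is the jump target.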