Mercurial > hg > icedtea8-forest > hotspot
changeset 10394:3f9a60eb8ef0 icedtea-3.12.0
PR3728: CVE-2018-3639 fix revision to prefer PR_SPEC_DISABLE_NOEXEC to PR_SPEC_DISABLE
author | andrew |
---|---|
date | Thu, 18 Apr 2019 04:21:39 +0100 |
parents | 2366ee02c789 |
children | 5174c702c7e3 |
files | src/os/linux/vm/os_linux.cpp |
diffstat | 1 files changed, 24 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/src/os/linux/vm/os_linux.cpp Thu Apr 18 04:00:14 2019 +0100 +++ b/src/os/linux/vm/os_linux.cpp Thu Apr 18 04:21:39 2019 +0100 @@ -5005,26 +5005,43 @@ /* Per task speculation control */ #ifndef PR_GET_SPECULATION_CTRL -#define PR_GET_SPECULATION_CTRL 52 +# define PR_GET_SPECULATION_CTRL 52 #endif #ifndef PR_SET_SPECULATION_CTRL -#define PR_SET_SPECULATION_CTRL 53 +# define PR_SET_SPECULATION_CTRL 53 #endif /* Speculation control variants */ -# undef PR_SPEC_STORE_BYPASS +#ifndef PR_SPEC_STORE_BYPASS # define PR_SPEC_STORE_BYPASS 0 +#endif /* Return and control values for PR_SET/GET_SPECULATION_CTRL */ -# undef PR_SPEC_NOT_AFFECTED -# undef PR_SPEC_PRCTL -# undef PR_SPEC_ENABLE -# undef PR_SPEC_DISABLE + +#ifndef PR_SPEC_NOT_AFFECTED # define PR_SPEC_NOT_AFFECTED 0 +#endif +#ifndef PR_SPEC_PRCTL # define PR_SPEC_PRCTL (1UL << 0) +#endif +#ifndef PR_SPEC_ENABLE # define PR_SPEC_ENABLE (1UL << 1) +#endif +#ifndef PR_SPEC_DISABLE # define PR_SPEC_DISABLE (1UL << 2) +#endif +#ifndef PR_SPEC_FORCE_DISABLE +# define PR_SPEC_FORCE_DISABLE (1UL << 3) +#endif +#ifndef PR_SPEC_DISABLE_NOEXEC +# define PR_SPEC_DISABLE_NOEXEC (1UL << 4) +#endif static void set_speculation() __attribute__((constructor)); static void set_speculation() { + if ( prctl(PR_SET_SPECULATION_CTRL, + PR_SPEC_STORE_BYPASS, + PR_SPEC_DISABLE_NOEXEC, 0, 0) == 0 ) { + return; + } prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0); }