From 742f50979db5360da396af45d1b1c9a88b44bb73 Mon Sep 17 00:00:00 2001 From: Packit Date: Oct 27 2020 19:06:19 +0000 Subject: Apply patch rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch patch_name: rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch present_in_specfile: true no_prefix: true --- diff --git a/openjdk/hotspot/src/os/linux/vm/os_linux.cpp b/openjdk/hotspot/src/os/linux/vm/os_linux.cpp index 8091f72..e5c5021 100644 --- a/openjdk/hotspot/src/os/linux/vm/os_linux.cpp +++ b/openjdk/hotspot/src/os/linux/vm/os_linux.cpp @@ -5041,26 +5041,43 @@ const char* os::exception_name(int exception_code, char* buf, size_t size) { /* Per task speculation control */ #ifndef PR_GET_SPECULATION_CTRL -#define PR_GET_SPECULATION_CTRL 52 +# define PR_GET_SPECULATION_CTRL 52 #endif #ifndef PR_SET_SPECULATION_CTRL -#define PR_SET_SPECULATION_CTRL 53 +# define PR_SET_SPECULATION_CTRL 53 #endif /* Speculation control variants */ -# undef PR_SPEC_STORE_BYPASS +#ifndef PR_SPEC_STORE_BYPASS # define PR_SPEC_STORE_BYPASS 0 +#endif /* Return and control values for PR_SET/GET_SPECULATION_CTRL */ -# undef PR_SPEC_NOT_AFFECTED -# undef PR_SPEC_PRCTL -# undef PR_SPEC_ENABLE -# undef PR_SPEC_DISABLE + +#ifndef PR_SPEC_NOT_AFFECTED # define PR_SPEC_NOT_AFFECTED 0 +#endif +#ifndef PR_SPEC_PRCTL # define PR_SPEC_PRCTL (1UL << 0) +#endif +#ifndef PR_SPEC_ENABLE # define PR_SPEC_ENABLE (1UL << 1) +#endif +#ifndef PR_SPEC_DISABLE # define PR_SPEC_DISABLE (1UL << 2) +#endif +#ifndef PR_SPEC_FORCE_DISABLE +# define PR_SPEC_FORCE_DISABLE (1UL << 3) +#endif +#ifndef PR_SPEC_DISABLE_NOEXEC +# define PR_SPEC_DISABLE_NOEXEC (1UL << 4) +#endif static void set_speculation() __attribute__((constructor)); static void set_speculation() { + if ( prctl(PR_SET_SPECULATION_CTRL, + PR_SPEC_STORE_BYPASS, + PR_SPEC_DISABLE_NOEXEC, 0, 0) == 0 ) { + return; + } prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0); }