void-packages/srcpkgs/openjdk8/patches/012_pr3728.patch

63 lines
1.9 KiB
Diff

# HG changeset patch
# User andrew
# Date 1555557699 -3600
# Thu Apr 18 04:21:39 2019 +0100
# Node ID 3f9a60eb8ef03dd72438eb923fc9547b4148605d
# Parent 2366ee02c78968ed4d62f77fc88632873cffd183
PR3728: CVE-2018-3639 fix revision to prefer PR_SPEC_DISABLE_NOEXEC to PR_SPEC_DISABLE
diff --git openjdk.orig/hotspot/src/os/linux/vm/os_linux.cpp openjdk/hotspot/src/os/linux/vm/os_linux.cpp
--- openjdk.orig/hotspot/src/os/linux/vm/os_linux.cpp
+++ openjdk/hotspot/src/os/linux/vm/os_linux.cpp
@@ -5005,26 +5005,43 @@
/* Per task speculation control */
#ifndef PR_GET_SPECULATION_CTRL
-#define PR_GET_SPECULATION_CTRL 52
+# define PR_GET_SPECULATION_CTRL 52
#endif
#ifndef PR_SET_SPECULATION_CTRL
-#define PR_SET_SPECULATION_CTRL 53
+# define PR_SET_SPECULATION_CTRL 53
#endif
/* Speculation control variants */
-# undef PR_SPEC_STORE_BYPASS
+#ifndef PR_SPEC_STORE_BYPASS
# define PR_SPEC_STORE_BYPASS 0
+#endif
/* Return and control values for PR_SET/GET_SPECULATION_CTRL */
-# undef PR_SPEC_NOT_AFFECTED
-# undef PR_SPEC_PRCTL
-# undef PR_SPEC_ENABLE
-# undef PR_SPEC_DISABLE
+
+#ifndef PR_SPEC_NOT_AFFECTED
# define PR_SPEC_NOT_AFFECTED 0
+#endif
+#ifndef PR_SPEC_PRCTL
# define PR_SPEC_PRCTL (1UL << 0)
+#endif
+#ifndef PR_SPEC_ENABLE
# define PR_SPEC_ENABLE (1UL << 1)
+#endif
+#ifndef PR_SPEC_DISABLE
# define PR_SPEC_DISABLE (1UL << 2)
+#endif
+#ifndef PR_SPEC_FORCE_DISABLE
+# define PR_SPEC_FORCE_DISABLE (1UL << 3)
+#endif
+#ifndef PR_SPEC_DISABLE_NOEXEC
+# define PR_SPEC_DISABLE_NOEXEC (1UL << 4)
+#endif
static void set_speculation() __attribute__((constructor));
static void set_speculation() {
+ if ( prctl(PR_SET_SPECULATION_CTRL,
+ PR_SPEC_STORE_BYPASS,
+ PR_SPEC_DISABLE_NOEXEC, 0, 0) == 0 ) {
+ return;
+ }
prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
}