powerpc/64/syscall: Zero volatile registers when returning

Kernel addresses and potentially other sensitive data could be leaked
in volatile registers after a syscall.

Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20200225173541.1549955-27-npiggin@gmail.com

diff --git a/arch/powerpc/kernel/entry_64.S b/arch/powerpc/kernel/entry_64.S
index 5f70830b5ae46f83c08cfa57d81e398022cc0273..29949bbe857b30041280e0863a19d87d77eb1c0d 100644 (file)
--- a/arch/powerpc/kernel/entry_64.S
+++ b/arch/powerpc/kernel/entry_64.S
@@ -141,6 +141,19 @@ END_FTR_SECTION_IFCLR(CPU_FTR_STCX_CHECKS_ADDRESS)
 
        cmpdi   r3,0
        bne     .Lsyscall_restore_regs
+       /* Zero volatile regs that may contain sensitive kernel data */
+       li      r0,0
+       li      r4,0
+       li      r5,0
+       li      r6,0
+       li      r7,0
+       li      r8,0
+       li      r9,0
+       li      r10,0
+       li      r11,0
+       li      r12,0
+       mtctr   r0
+       mtspr   SPRN_XER,r0
 .Lsyscall_restore_regs_cont:
 
 BEGIN_FTR_SECTION