x86, asm, xen: Flip RESTORE_ARGS arguments logic (bnc#910251 CVE-9322). suse-commit: 8356111faa769f649b6d7c8b5bcbb34fb17120aa

commit: 563dee91d29887a74c9386444ed4ae616081ec4a [log] [tgz]
author: Jiri Kosina <jkosina@suse.cz> Wed Dec 17 12:02:30 2014 +0100
committer: Jiri Kosina <jkosina@suse.cz> Wed Dec 17 12:04:10 2014 +0100
tree: 6fbd971e4b7d46bd483798e30ba910ad13ece4ba
parent: 5c5f7b79a8ed73aabdf13d87ef05083d96922c82 [diff]
diff --git a/arch/x86/kernel/entry_64-xen.S b/arch/x86/kernel/entry_64-xen.S
index 46b5fad..665ef7c 100644
--- a/arch/x86/kernel/entry_64-xen.S
+++ b/arch/x86/kernel/entry_64-xen.S

@@ -519,7 +519,7 @@
 	 * sysretq will re-enable interrupts:
 	 */
 	TRACE_IRQS_ON
-	RESTORE_ARGS 0,8,1,1
+	RESTORE_ARGS 1,8,0,0
 	xor %ecx,%ecx
 	xor %r11,%r11
         HYPERVISOR_IRET VGCF_IN_SYSCALL
@@ -775,7 +775,7 @@
 	andb $1,%al			# EAX[0] == IRET_EFLAGS.IF & event_mask
 	jnz restore_all_enable_events	#        != 0 => enable event delivery
 		
-	RESTORE_ARGS 0,8,0
+	RESTORE_ARGS 1,8,1
 	HYPERVISOR_IRET 0
 	
 	/* edi: workmask, edx: work */
@@ -1010,7 +1010,7 @@
 	__TEST_PENDING
 	CFI_REMEMBER_STATE
 	jnz  14f			# process more events if necessary...
-        RESTORE_ARGS 0,8,0
+        RESTORE_ARGS 1,8,1
         HYPERVISOR_IRET 0
         
 	CFI_RESTORE_STATE
commit	563dee91d29887a74c9386444ed4ae616081ec4a	[log] [tgz]
author	Jiri Kosina <jkosina@suse.cz>	Wed Dec 17 12:02:30 2014 +0100
committer	Jiri Kosina <jkosina@suse.cz>	Wed Dec 17 12:04:10 2014 +0100
tree	6fbd971e4b7d46bd483798e30ba910ad13ece4ba
parent	5c5f7b79a8ed73aabdf13d87ef05083d96922c82 [diff]