# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 02/11/14 torvalds@home.transmeta.com 1.848
# Fix impressive call gate misuse DoS reported on bugtraq.
# --------------------------------------------
# 02/11/14 torvalds@home.transmeta.com 1.849
# Duh. Fix the other lcall entry point too.
# --------------------------------------------
#
diff -Nru a/arch/i386/kernel/entry.S b/arch/i386/kernel/entry.S
--- a/arch/i386/kernel/entry.S Thu Nov 14 09:59:08 2002
+++ b/arch/i386/kernel/entry.S Thu Nov 14 09:59:08 2002
@@ -66,7 +66,9 @@
 OLDSS = 0x38
 CF_MASK = 0x00000001
+TF_MASK = 0x00000100
 IF_MASK = 0x00000200
+DF_MASK = 0x00000400
 NT_MASK = 0x00004000
 VM_MASK = 0x00020000
@@ -134,6 +136,17 @@
 movl %eax,EFLAGS(%esp) #
 movl %edx,EIP(%esp) # Now we move them to their "normal" places
 movl %ecx,CS(%esp) #
+
+ # Call gates don't clear TF and NT in eflags like
+ # traps do, so we need to do it ourselves.
+ # %eax already contains eflags (but it may have
+ # DF set, clear that also)
+ #
+ andl $~(DF_MASK | TF_MASK | NT_MASK),%eax
+ pushl %eax
+ popfl
+
 movl %esp, %ebx
 pushl %ebx
 andl $-8192, %ebx # GET_THREAD_INFO
@@ -156,6 +169,17 @@
 movl %eax,EFLAGS(%esp) #
 movl %edx,EIP(%esp) # Now we move them to their "normal" places
 movl %ecx,CS(%esp) #
+
+ # Call gates don't clear TF and NT in eflags like
+ # traps do, so we need to do it ourselves.
+ # %eax already contains eflags (but it may have
+ # DF set, clear that also)
+ #
+ andl $~(DF_MASK | TF_MASK | NT_MASK),%eax
+ pushl %eax
+ popfl
+
 movl %esp, %ebx
 pushl %ebx
 andl $-8192, %ebx # GET_THREAD_INFO
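Review bot: The `pushl %eax` / `popfl` added in the +136 hunk reloads the kernel's live EFLAGS from the caller-supplied flags image with only DF, TF and NT subtracted, so it is a denylist: any other bit a user-mode caller can have set before the lcall (AC, ID, or IOPL where the task has been granted it) is carried into kernel context instead of being dropped the way an interrupt gate would drop it; the identical block in the +169 hunk has the same shape. Since the copy in EFLAGS(%esp) is what iret hands back to the caller, the live register only needs the interrupt-enable state, so an allowlist such as `andl $IF_MASK,%eax` before the push/pop would be the more conservative form — worth confirming nothing later on this path reads another live flag bit. The three instructions and their five-line comment are duplicated verbatim across both entry points, which is exactly how the second changeset ("fix the other lcall entry point too") became necessary; wrapping them as `.macro CLEAR_CALLGATE_FLAGS` … `.endm` (or the file's own preprocessor-macro style, if that is what it uses elsewhere) and invoking it once per entry keeps the two from drifting apart again. The enclosing entry routine begins before the hunk, so the claim that %eax still holds the raw flags image at this point rests on the hunk's own comment rather than on visible code.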