BACKPORT: x86_64, traps: Stop using IST for #SS

On a 32-bit kernel, this has no effect, since there are no IST stacks.

On a 64-bit kernel, #SS can only happen in user code, on a failed iret
to user space, a canonical violation on access via RSP or RBP, or a
genuine stack segment violation in 32-bit kernel code. The first two
cases don't need IST, and the latter two cases are unlikely fatal bugs,
and promoting them to double faults would be fine.

This fixes a bug in which the espfix64 code mishandles a stack segment
violation.

This saves 4k of memory per CPU and a tiny bit of code.

Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

BUG=chromium:439158
TEST=link build & boot, sigreturn PoC runs without failures

(cherry-picked from commit 6f442be2fb22be02cafa606f1769fa1e6f894441)
Signed-off-by: Kees Cook <keescook@chromium.org>

Change-Id: I9cd3fb516fef5785191fff6762339654c4656348
Reviewed-on: https://chromium-review.googlesource.com/236044
Tested-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Commit-Queue: Kees Cook <keescook@chromium.org>