kernel - Fix CVE-2018-8897, debug register issue
* #DB can be delayed in a way that causes it to occur on the first
instruction of the int $3 or syscall handlers. These handlers must
be able to detect and handle the condition. This is a historical
artifact of cpu operation that has existed for a very long time on
both AMD and Intel CPUs.
* Fix by giving #DB its own trampoline stack and a way to load a
deterministic %gs and %cr3 independent of the normal CS check.
This is CVE-2018-8897.
* Also fix the NMI trampoline while I'm here.
* Also fix an old issue with debug register trace traps which can
occur when the kernel is accessing the user's address space.
This fix was lost years ago, now recovered.
Credits: Nick Peterson of Everdox Tech, LLC (original reporter)
Credits: Thanks to Microsoft for coordinating the OS vendor response