diff options
| author | Matthew Leach <matthew.leach@arm.com> | 2013-10-11 09:52:14 -0400 |
|---|---|---|
| committer | Catalin Marinas <catalin.marinas@arm.com> | 2013-10-25 10:59:37 -0400 |
| commit | a1d5ebaf8ccdd100f45042ce32c591867de04ac3 (patch) | |
| tree | 8f47a40eabb63ca19ec96936fd808537824c0b25 /arch/arm64/kernel/signal32.c | |
| parent | 55b89540b0d8d031f90e3d711ec0df3f797ecc61 (diff) | |
arm64: big-endian: don't treat code as data when copying sigret code
Currently the sigreturn compat code is copied to an offset in the
vectors table. When using a BE kernel this data will be stored in the
wrong endianess so when returning from a signal on a 32-bit BE system,
arbitrary code will be executed.
Instead of declaring the code inside a struct and copying that, use
the assembler's .byte directives to store the code in the correct
endianess regardless of platform endianess.
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Matthew Leach <matthew.leach@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Diffstat (limited to 'arch/arm64/kernel/signal32.c')
| -rw-r--r-- | arch/arm64/kernel/signal32.c | 28 |
1 files changed, 0 insertions, 28 deletions
diff --git a/arch/arm64/kernel/signal32.c b/arch/arm64/kernel/signal32.c index e393174fe859..e8772c07cf5c 100644 --- a/arch/arm64/kernel/signal32.c +++ b/arch/arm64/kernel/signal32.c | |||
| @@ -100,34 +100,6 @@ struct compat_rt_sigframe { | |||
| 100 | 100 | ||
| 101 | #define _BLOCKABLE (~(sigmask(SIGKILL) | sigmask(SIGSTOP))) | 101 | #define _BLOCKABLE (~(sigmask(SIGKILL) | sigmask(SIGSTOP))) |
| 102 | 102 | ||
| 103 | /* | ||
| 104 | * For ARM syscalls, the syscall number has to be loaded into r7. | ||
| 105 | * We do not support an OABI userspace. | ||
| 106 | */ | ||
| 107 | #define MOV_R7_NR_SIGRETURN (0xe3a07000 | __NR_compat_sigreturn) | ||
| 108 | #define SVC_SYS_SIGRETURN (0xef000000 | __NR_compat_sigreturn) | ||
| 109 | #define MOV_R7_NR_RT_SIGRETURN (0xe3a07000 | __NR_compat_rt_sigreturn) | ||
| 110 | #define SVC_SYS_RT_SIGRETURN (0xef000000 | __NR_compat_rt_sigreturn) | ||
| 111 | |||
| 112 | /* | ||
| 113 | * For Thumb syscalls, we also pass the syscall number via r7. We therefore | ||
| 114 | * need two 16-bit instructions. | ||
| 115 | */ | ||
| 116 | #define SVC_THUMB_SIGRETURN (((0xdf00 | __NR_compat_sigreturn) << 16) | \ | ||
| 117 | 0x2700 | __NR_compat_sigreturn) | ||
| 118 | #define SVC_THUMB_RT_SIGRETURN (((0xdf00 | __NR_compat_rt_sigreturn) << 16) | \ | ||
| 119 | 0x2700 | __NR_compat_rt_sigreturn) | ||
| 120 | |||
| 121 | const compat_ulong_t aarch32_sigret_code[6] = { | ||
| 122 | /* | ||
| 123 | * AArch32 sigreturn code. | ||
| 124 | * We don't construct an OABI SWI - instead we just set the imm24 field | ||
| 125 | * to the EABI syscall number so that we create a sane disassembly. | ||
| 126 | */ | ||
| 127 | MOV_R7_NR_SIGRETURN, SVC_SYS_SIGRETURN, SVC_THUMB_SIGRETURN, | ||
| 128 | MOV_R7_NR_RT_SIGRETURN, SVC_SYS_RT_SIGRETURN, SVC_THUMB_RT_SIGRETURN, | ||
| 129 | }; | ||
| 130 | |||
| 131 | static inline int put_sigset_t(compat_sigset_t __user *uset, sigset_t *set) | 103 | static inline int put_sigset_t(compat_sigset_t __user *uset, sigset_t *set) |
| 132 | { | 104 | { |
| 133 | compat_sigset_t cset; | 105 | compat_sigset_t cset; |