diff options
| author | Martin Schwidefsky <schwidefsky@de.ibm.com> | 2012-11-07 04:44:08 -0500 |
|---|---|---|
| committer | Martin Schwidefsky <schwidefsky@de.ibm.com> | 2012-11-12 10:24:38 -0500 |
| commit | fa968ee215c0ca91e4a9c3a69ac2405aae6e5d2f (patch) | |
| tree | 1b1f45f608ab83a8b4bf741b6f439a473a6b82b6 /arch/s390/kernel | |
| parent | 77b67063bb6bce6d475e910d3b886a606d0d91f7 (diff) | |
s390/signal: set correct address space control
If user space is running in primary mode it can switch to secondary
or access register mode, this is used e.g. in the clock_gettime code
of the vdso. If a signal is delivered to the user space process while
it has been running in access register mode the signal handler is
executed in access register mode as well which will result in a crash
most of the time.
Set the address space control bits in the PSW to the default for the
execution of the signal handler and make sure that the previous
address space control is restored on signal return. Take care
that user space can not switch to the kernel address space by
modifying the registers in the signal frame.
Cc: stable@vger.kernel.org
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Diffstat (limited to 'arch/s390/kernel')
| -rw-r--r-- | arch/s390/kernel/compat_signal.c | 14 | ||||
| -rw-r--r-- | arch/s390/kernel/signal.c | 14 |
2 files changed, 24 insertions, 4 deletions
diff --git a/arch/s390/kernel/compat_signal.c b/arch/s390/kernel/compat_signal.c index a1e8a8694bb7..593fcc9253fc 100644 --- a/arch/s390/kernel/compat_signal.c +++ b/arch/s390/kernel/compat_signal.c | |||
| @@ -309,6 +309,10 @@ static int restore_sigregs32(struct pt_regs *regs,_sigregs32 __user *sregs) | |||
| 309 | regs->psw.mask = (regs->psw.mask & ~PSW_MASK_USER) | | 309 | regs->psw.mask = (regs->psw.mask & ~PSW_MASK_USER) | |
| 310 | (__u64)(regs32.psw.mask & PSW32_MASK_USER) << 32 | | 310 | (__u64)(regs32.psw.mask & PSW32_MASK_USER) << 32 | |
| 311 | (__u64)(regs32.psw.addr & PSW32_ADDR_AMODE); | 311 | (__u64)(regs32.psw.addr & PSW32_ADDR_AMODE); |
| 312 | /* Check for invalid user address space control. */ | ||
| 313 | if ((regs->psw.mask & PSW_MASK_ASC) >= (psw_kernel_bits & PSW_MASK_ASC)) | ||
| 314 | regs->psw.mask = (psw_user_bits & PSW_MASK_ASC) | | ||
| 315 | (regs->psw.mask & ~PSW_MASK_ASC); | ||
| 312 | regs->psw.addr = (__u64)(regs32.psw.addr & PSW32_ADDR_INSN); | 316 | regs->psw.addr = (__u64)(regs32.psw.addr & PSW32_ADDR_INSN); |
| 313 | for (i = 0; i < NUM_GPRS; i++) | 317 | for (i = 0; i < NUM_GPRS; i++) |
| 314 | regs->gprs[i] = (__u64) regs32.gprs[i]; | 318 | regs->gprs[i] = (__u64) regs32.gprs[i]; |
| @@ -481,7 +485,10 @@ static int setup_frame32(int sig, struct k_sigaction *ka, | |||
| 481 | 485 | ||
| 482 | /* Set up registers for signal handler */ | 486 | /* Set up registers for signal handler */ |
| 483 | regs->gprs[15] = (__force __u64) frame; | 487 | regs->gprs[15] = (__force __u64) frame; |
| 484 | regs->psw.mask |= PSW_MASK_BA; /* force amode 31 */ | 488 | /* Force 31 bit amode and default user address space control. */ |
| 489 | regs->psw.mask = PSW_MASK_BA | | ||
| 490 | (psw_user_bits & PSW_MASK_ASC) | | ||
| 491 | (regs->psw.mask & ~PSW_MASK_ASC); | ||
| 485 | regs->psw.addr = (__force __u64) ka->sa.sa_handler; | 492 | regs->psw.addr = (__force __u64) ka->sa.sa_handler; |
| 486 | 493 | ||
| 487 | regs->gprs[2] = map_signal(sig); | 494 | regs->gprs[2] = map_signal(sig); |
| @@ -549,7 +556,10 @@ static int setup_rt_frame32(int sig, struct k_sigaction *ka, siginfo_t *info, | |||
| 549 | 556 | ||
| 550 | /* Set up registers for signal handler */ | 557 | /* Set up registers for signal handler */ |
| 551 | regs->gprs[15] = (__force __u64) frame; | 558 | regs->gprs[15] = (__force __u64) frame; |
| 552 | regs->psw.mask |= PSW_MASK_BA; /* force amode 31 */ | 559 | /* Force 31 bit amode and default user address space control. */ |
| 560 | regs->psw.mask = PSW_MASK_BA | | ||
| 561 | (psw_user_bits & PSW_MASK_ASC) | | ||
| 562 | (regs->psw.mask & ~PSW_MASK_ASC); | ||
| 553 | regs->psw.addr = (__u64) ka->sa.sa_handler; | 563 | regs->psw.addr = (__u64) ka->sa.sa_handler; |
| 554 | 564 | ||
| 555 | regs->gprs[2] = map_signal(sig); | 565 | regs->gprs[2] = map_signal(sig); |
diff --git a/arch/s390/kernel/signal.c b/arch/s390/kernel/signal.c index c13a2a37ef00..d1259d875074 100644 --- a/arch/s390/kernel/signal.c +++ b/arch/s390/kernel/signal.c | |||
| @@ -136,6 +136,10 @@ static int restore_sigregs(struct pt_regs *regs, _sigregs __user *sregs) | |||
| 136 | /* Use regs->psw.mask instead of psw_user_bits to preserve PER bit. */ | 136 | /* Use regs->psw.mask instead of psw_user_bits to preserve PER bit. */ |
| 137 | regs->psw.mask = (regs->psw.mask & ~PSW_MASK_USER) | | 137 | regs->psw.mask = (regs->psw.mask & ~PSW_MASK_USER) | |
| 138 | (user_sregs.regs.psw.mask & PSW_MASK_USER); | 138 | (user_sregs.regs.psw.mask & PSW_MASK_USER); |
| 139 | /* Check for invalid user address space control. */ | ||
| 140 | if ((regs->psw.mask & PSW_MASK_ASC) >= (psw_kernel_bits & PSW_MASK_ASC)) | ||
| 141 | regs->psw.mask = (psw_user_bits & PSW_MASK_ASC) | | ||
| 142 | (regs->psw.mask & ~PSW_MASK_ASC); | ||
| 139 | /* Check for invalid amode */ | 143 | /* Check for invalid amode */ |
| 140 | if (regs->psw.mask & PSW_MASK_EA) | 144 | if (regs->psw.mask & PSW_MASK_EA) |
| 141 | regs->psw.mask |= PSW_MASK_BA; | 145 | regs->psw.mask |= PSW_MASK_BA; |
| @@ -273,7 +277,10 @@ static int setup_frame(int sig, struct k_sigaction *ka, | |||
| 273 | 277 | ||
| 274 | /* Set up registers for signal handler */ | 278 | /* Set up registers for signal handler */ |
| 275 | regs->gprs[15] = (unsigned long) frame; | 279 | regs->gprs[15] = (unsigned long) frame; |
| 276 | regs->psw.mask |= PSW_MASK_EA | PSW_MASK_BA; /* 64 bit amode */ | 280 | /* Force default amode and default user address space control. */ |
| 281 | regs->psw.mask = PSW_MASK_EA | PSW_MASK_BA | | ||
| 282 | (psw_user_bits & PSW_MASK_ASC) | | ||
| 283 | (regs->psw.mask & ~PSW_MASK_ASC); | ||
| 277 | regs->psw.addr = (unsigned long) ka->sa.sa_handler | PSW_ADDR_AMODE; | 284 | regs->psw.addr = (unsigned long) ka->sa.sa_handler | PSW_ADDR_AMODE; |
| 278 | 285 | ||
| 279 | regs->gprs[2] = map_signal(sig); | 286 | regs->gprs[2] = map_signal(sig); |
| @@ -346,7 +353,10 @@ static int setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info, | |||
| 346 | 353 | ||
| 347 | /* Set up registers for signal handler */ | 354 | /* Set up registers for signal handler */ |
| 348 | regs->gprs[15] = (unsigned long) frame; | 355 | regs->gprs[15] = (unsigned long) frame; |
| 349 | regs->psw.mask |= PSW_MASK_EA | PSW_MASK_BA; /* 64 bit amode */ | 356 | /* Force default amode and default user address space control. */ |
| 357 | regs->psw.mask = PSW_MASK_EA | PSW_MASK_BA | | ||
| 358 | (psw_user_bits & PSW_MASK_ASC) | | ||
| 359 | (regs->psw.mask & ~PSW_MASK_ASC); | ||
| 350 | regs->psw.addr = (unsigned long) ka->sa.sa_handler | PSW_ADDR_AMODE; | 360 | regs->psw.addr = (unsigned long) ka->sa.sa_handler | PSW_ADDR_AMODE; |
| 351 | 361 | ||
| 352 | regs->gprs[2] = map_signal(sig); | 362 | regs->gprs[2] = map_signal(sig); |