diff options
author | Martin Schwidefsky <schwidefsky@de.ibm.com> | 2009-07-24 06:39:52 -0400 |
---|---|---|
committer | Martin Schwidefsky <schwidefsky@de.ibm.com> | 2009-07-24 06:41:02 -0400 |
commit | 1277580fe5dfb5aef84854bdb7983657df00b920 (patch) | |
tree | 1cfde8482a43f0f0ba56ac488a4cacf52d89fd61 /arch/s390 | |
parent | 3a6ba4600d6fb913ddb0dd08843ad75405795883 (diff) |
[S390] vdso: clock_gettime of CLOCK_THREAD_CPUTIME_ID with noexec=on
The combination of noexec=on and a clock_gettime call with clock id
CLOCK_THREAD_CPUTIME_ID is broken. The vdso code switches to the
access register mode to get access to the per-cpu data structure to
execute the magic ectg instruction. After the ectg instruction the
code always switches back to the primary mode but for noexec=on the
correct mode is the secondary mode. The effect of the bug is that the
user space program looses the access to all mappings without PROT_EXEC,
e.g. the stack. The problem is fixed by restoring the mode that has
been active before the switch to the access register mode.
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Diffstat (limited to 'arch/s390')
-rw-r--r-- | arch/s390/kernel/vdso64/clock_gettime.S | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/arch/s390/kernel/vdso64/clock_gettime.S b/arch/s390/kernel/vdso64/clock_gettime.S index 79dbfee831ec..49106c6e6f88 100644 --- a/arch/s390/kernel/vdso64/clock_gettime.S +++ b/arch/s390/kernel/vdso64/clock_gettime.S | |||
@@ -88,10 +88,17 @@ __kernel_clock_gettime: | |||
88 | llilh %r4,0x0100 | 88 | llilh %r4,0x0100 |
89 | sar %a4,%r4 | 89 | sar %a4,%r4 |
90 | lghi %r4,0 | 90 | lghi %r4,0 |
91 | epsw %r5,0 | ||
91 | sacf 512 /* Magic ectg instruction */ | 92 | sacf 512 /* Magic ectg instruction */ |
92 | .insn ssf,0xc80100000000,__VDSO_ECTG_BASE(4),__VDSO_ECTG_USER(4),4 | 93 | .insn ssf,0xc80100000000,__VDSO_ECTG_BASE(4),__VDSO_ECTG_USER(4),4 |
93 | sacf 0 | 94 | tml %r5,0x4000 |
94 | sar %a4,%r2 | 95 | jo 11f |
96 | tml %r5,0x8000 | ||
97 | jno 10f | ||
98 | sacf 256 | ||
99 | j 11f | ||
100 | 10: sacf 0 | ||
101 | 11: sar %a4,%r2 | ||
95 | algr %r1,%r0 /* r1 = cputime as TOD value */ | 102 | algr %r1,%r0 /* r1 = cputime as TOD value */ |
96 | mghi %r1,1000 /* convert to nanoseconds */ | 103 | mghi %r1,1000 /* convert to nanoseconds */ |
97 | srlg %r1,%r1,12 /* r1 = cputime in nanosec */ | 104 | srlg %r1,%r1,12 /* r1 = cputime in nanosec */ |