diff options
author | Michael Ellerman <michael@ellerman.id.au> | 2005-11-03 05:10:48 -0500 |
---|---|---|
committer | Michael Ellerman <michael@ellerman.id.au> | 2005-11-03 20:10:51 -0500 |
commit | 30415f6a63f3383a18e9adf7c144acabe6893f63 (patch) | |
tree | 1243fd078c52fca858145d5b96e6e4a2d310de4e /include | |
parent | b8f510219edc719d4c305918e16edc578bcfc16f (diff) |
powerpc: Fix random memory corruption in merged elf.h
The merged verison of ELF_CORE_COPY_REGS is basically the PPC64 version, with
a memset that came from PPC and a few types abstracted out into #defines. But
it's not _quite_ right.
The first problem is we calculate the number of registers with:
nregs = sizeof(struct pt_regs) / sizeof(ELF_GREG_TYPE)
For a 32-bit process on a 64-bit kernel that's bogus because the registers are
64 bits, but ELF_GREG_TYPE is u32, so nregs == 88 which is wrong.
The other problem is the memset, which assumes a struct pt_regs is smaller
than a struct elf_regs. For a 32-bit process on a 64-bit kernel that's false.
The fix is to calculate the number of regs using sizeof(unsigned long), which
should always be right, and just memset the whole damn thing _before_ copying
the registers in.
Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Diffstat (limited to 'include')
-rw-r--r-- | include/asm-powerpc/elf.h | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/include/asm-powerpc/elf.h b/include/asm-powerpc/elf.h index d22b10021b5d..d140577d0a05 100644 --- a/include/asm-powerpc/elf.h +++ b/include/asm-powerpc/elf.h | |||
@@ -178,18 +178,22 @@ typedef elf_vrreg_t elf_vrregset_t32[ELF_NVRREG32]; | |||
178 | static inline void ppc_elf_core_copy_regs(elf_gregset_t elf_regs, | 178 | static inline void ppc_elf_core_copy_regs(elf_gregset_t elf_regs, |
179 | struct pt_regs *regs) | 179 | struct pt_regs *regs) |
180 | { | 180 | { |
181 | int i; | 181 | int i, nregs; |
182 | int gprs = sizeof(struct pt_regs)/sizeof(ELF_GREG_TYPE); | ||
183 | 182 | ||
184 | if (gprs > ELF_NGREG) | 183 | memset((void *)elf_regs, 0, sizeof(elf_gregset_t)); |
185 | gprs = ELF_NGREG; | ||
186 | 184 | ||
187 | for (i=0; i < gprs; i++) | 185 | /* Our registers are always unsigned longs, whether we're a 32 bit |
188 | elf_regs[i] = (elf_greg_t)((ELF_GREG_TYPE *)regs)[i]; | 186 | * process or 64 bit, on either a 64 bit or 32 bit kernel. |
189 | 187 | * Don't use ELF_GREG_TYPE here. */ | |
190 | memset((char *)(elf_regs) + sizeof(struct pt_regs), 0, \ | 188 | nregs = sizeof(struct pt_regs) / sizeof(unsigned long); |
191 | sizeof(elf_gregset_t) - sizeof(struct pt_regs)); | 189 | if (nregs > ELF_NGREG) |
190 | nregs = ELF_NGREG; | ||
192 | 191 | ||
192 | for (i = 0; i < nregs; i++) { | ||
193 | /* This will correctly truncate 64 bit registers to 32 bits | ||
194 | * for a 32 bit process on a 64 bit kernel. */ | ||
195 | elf_regs[i] = (elf_greg_t)((ELF_GREG_TYPE *)regs)[i]; | ||
196 | } | ||
193 | } | 197 | } |
194 | #define ELF_CORE_COPY_REGS(gregs, regs) ppc_elf_core_copy_regs(gregs, regs); | 198 | #define ELF_CORE_COPY_REGS(gregs, regs) ppc_elf_core_copy_regs(gregs, regs); |
195 | 199 | ||