From: Max Filippov <jcmvbkbc@gmail.com>
To: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-arch@vger.kernel.org, Chris Zankel <chris@zankel.net>,
Marc Gauthier <marc@tensilica.com>,
Max Filippov <jcmvbkbc@gmail.com>
Subject: [PATCH v2 1/4] xtensa: reset windowbase/windowstart when cloning the VM
Date: Mon, 29 Oct 2012 18:56:18 +0400
Message-ID: <1351522581-30516-2-git-send-email-jcmvbkbc@gmail.com>
In-Reply-To: <1351522581-30516-1-git-send-email-jcmvbkbc@gmail.com>
From: Chris Zankel <chris@zankel.net>
When we copy a user thread with CLONE_VM, we also have to reset
windowbase and windowstart to start a pristine stack frame. Otherwise,
overflows can happen using the address 0 as the stack pointer.
Also add a special case for vfork, which continues on the
parent stack until it calls execve. Because this could be a call8, we
need to spill the stack pointer of the previous frame (if still 'live' in
the register file).
Signed-off-by: Chris Zankel <chris@zankel.net>
---
arch/xtensa/kernel/process.c | 26 +++++++++++++++++++++++++-
1 files changed, 25 insertions(+), 1 deletions(-)
diff --git a/arch/xtensa/kernel/process.c b/arch/xtensa/kernel/process.c
index 1908f66..341c151 100644
--- a/arch/xtensa/kernel/process.c
+++ b/arch/xtensa/kernel/process.c
@@ -220,8 +220,32 @@ int copy_thread(unsigned long clone_flags, unsigned long usp,
if (user_mode(regs)) {
childregs->areg[1] = usp;
+
+ /* When sharing memory with the parent thread, the child
+ usually starts on a pristine stack, so we have to reset
+ windowbase, windowstart and wmask.
+ (Note that such a new thread is required to always create
+ an initial call4 frame)
+ The exception is vfork, where the new thread continues to
+ run on the parent's stack until it calls execve. This could
+ be a call8 or call12, which requires a legal stack frame
+ of the previous caller for the overflow handlers to work.
+ (Note that it's always legal to overflow live registers).
+ In this case, ensure to spill at least the stack pointer
+ of that frame. */
+
if (clone_flags & CLONE_VM) {
- childregs->wmask = 1; /* can't share live windows */
+ /* check that caller window is live and same stack */
+ int len = childregs->wmask & ~0xf;
+ if (regs->areg[1] == usp && len != 0) {
+ int callinc = (regs->areg[0] >> 30) & 3;
+ int caller_ars = XCHAL_NUM_AREGS - callinc * 4;
+ put_user(regs->areg[caller_ars+1],
+ (unsigned __user*)(usp - 12));
+ }
+ childregs->wmask = 1;
+ childregs->windowstart = 1;
+ childregs->windowbase = 0;
} else {
int len = childregs->wmask & ~0xf;
memcpy(&childregs->areg[XCHAL_NUM_AREGS - len/4],
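Review bot: the vfork spill in this hunk ignores the result of `put_user(regs->areg[caller_ars+1], (unsigned __user*)(usp - 12));`. If that store faults, copy_thread() still succeeds and the child runs with `wmask = 1` on a frame whose caller's stack pointer was never written to the spill slot, which is the exact situation the new comment says the overflow handlers cannot cope with. Check the return value and fail the clone (`return -EFAULT;` is the usual pattern), or state in the comment why a failed write is tolerable here. Two style points in the same lines: `(unsigned __user*)` should be `(unsigned __user *)`, and the multi-line comment added at the top of the hunk should use the kernel's ` * ` per-line form rather than running free text under a single `/*`.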
--
1.7.7.6
Thread overview: 9+ messages
2012-10-29 14:56 [PATCH v2 0/4] xtensa: conversion to generic kernel_thread and friends Max Filippov
2012-10-29 14:56 ` Max Filippov [this message]
2012-10-29 16:10 ` [PATCH v2 1/4] xtensa: reset windowbase/windowstart when cloning the VM Marc Gauthier
2012-10-29 14:56 ` [PATCH v2 2/4] xtensa: switch to generic kernel_thread() Max Filippov
2012-10-29 14:56 ` [PATCH v2 3/4] xtensa: switch to generic kernel_execve() Max Filippov
2012-10-29 14:56 ` [PATCH v2 4/4] xtensa: switch to generic sys_execve() Max Filippov
2012-10-29 16:23 ` [PATCH v2 0/4] xtensa: conversion to generic kernel_thread and friends czankel
2012-10-29 16:58 ` Max Filippov
2012-10-29 18:11 ` Al Viro