Message-ID: <54F84BF7.80200@monstr.eu>
Date: Thu, 05 Mar 2015 13:28:39 +0100
From: Michal Simek
Reply-To: monstr@monstr.eu
To: jamie.garside@york.ac.uk, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] Fixed Microblaze syscall error recovery for invalid syscall IDs.
References: <1424705735-9907-1-git-send-email-jamie.garside@york.ac.uk>
In-Reply-To: <1424705735-9907-1-git-send-email-jamie.garside@york.ac.uk>

On 02/23/2015 04:35 PM, jamie.garside@york.ac.uk wrote:
> From: Jamie Garside
>
> This patch fixes two bugs in the Microblaze syscall trap handler when an invalid
> syscall ID is used.
>
> First, the range check on line 351 only checks for syscall IDs greater than
> __NR_syscalls. A negative syscall ID (either passed to `syscall()` or as returned
> by `do_syscall_trace_enter()` on error) will still satisfy this test and cause
> the Linux kernel to access an invalid memory location and cause a kernel oops.
> This has been fixed by also checking for r12 < 0.
>
> Secondly, the current error recovery at line 378 returns using the wrong register
> (r15 instead of r14) and does not restore the previous stack state. This has been
> fixed by invoking `ret_from_trap` on error, setting r3 to `-ENOSYS`, similar to
> what would happen when calling a valid syscall.
>
> Signed-off-by: Jamie Garside
> ---
> arch/microblaze/kernel/entry.S | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/arch/microblaze/kernel/entry.S b/arch/microblaze/kernel/en= try.S > index 0536bc0..101f13c 100644 > --- a/arch/microblaze/kernel/entry.S > +++ b/arch/microblaze/kernel/entry.S > @@ -348,8 +348,9 @@ C_ENTRY(_user_exception): > * The LP register should point to the location where the called funct= ion > * should return. [note that MAKE_SYS_CALL uses label 1] */ > /* See if the system call number is valid */ > + blti r12, 5f > addi r11, r12, -__NR_syscalls; > - bgei r11,5f; > + bgei r11, 5f; > /* Figure out which function to use for this system call. */ > /* Note Microblaze barrel shift is optional, so don't rely on it */ > add r12, r12, r12; /* convert num -> ptr */ 
> @@ -375,7 +376,7 @@ C_ENTRY(_user_exception): > =20 > /* The syscall number is invalid, return an error. */ > 5: > - rtsd r15, 8; /* looks like a normal subroutine return */ > + braid ret_from_trap > addi r3, r0, -ENOSYS; > =20 > /* Entry point used to return from a syscall/trap */ >=20

Looks reasonable and I have also tested it.
I have fixed the subject and coding style, and I have created one more patch to fix that coding style issue.

The patches should be in linux-next.

Thanks,
Michal

--
Michal Simek, Ing. (M.Eng), OpenPGP -> KeyID: FE3D1F91
w: www.monstr.eu p: +42-0-721842854
Maintainer of Linux kernel - Microblaze cpu - http://www.monstr.eu/fdt/
Maintainer of Linux kernel - Xilinx Zynq ARM architecture
Microblaze U-BOOT custodian and responsible for u-boot arm zynq platform
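Review bot: in the first hunk (@@ -348,8 +348,9 @@) the added `blti r12, 5f` has no trailing semicolon and no comment, unlike the `addi r11, r12, -__NR_syscalls;` and `bgei r11, 5f;` lines right after it. Add the semicolon for consistency and extend the existing "See if the system call number is valid" comment to say that negative numbers are rejected as well, since r12 is turned into a table offset a few lines later (`add r12, r12, r12; /* convert num -> ptr */`). The `bgei r11,5f;` to `bgei r11, 5f;` change is whitespace only; it is easier to review and backport the bounds fix if that goes in a separate patch.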
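Review bot: in the second hunk (@@ -375,7 +376,7 @@), at label `5:`, the new `braid ret_from_trap` drops the comment the old `rtsd r15, 8;` line carried and does not say that `addi r3, r0, -ENOSYS;` now executes in the delay slot of the branch. A one-line comment there (error code set in the delay slot, then the normal trap return path restores state) would stop the next reader from taking the `addi` for unreachable code, and the line should end in a semicolon like its neighbours. One thing to check: the context comment just below reads "Entry point used to return from a syscall/trap", so if the label it introduces is `ret_from_trap` itself, the branch targets the next instruction and a commented fall-through would do the same job.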