From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Subject: [PATCH v2 21/25] linux-user/sparc: Minor corrections to do_sigreturn
Date: Sun, 25 Apr 2021 19:53:30 -0700 [thread overview]
Message-ID: <20210426025334.1168495-22-richard.henderson@linaro.org> (raw)
In-Reply-To: <20210426025334.1168495-1-richard.henderson@linaro.org>
Check that the input sp is 16 byte aligned, not 4.
Do that before the lock_user_struct check.
Validate the saved sp is 8 byte aligned.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
linux-user/sparc/signal.c | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/linux-user/sparc/signal.c b/linux-user/sparc/signal.c
index f0f614a3af..0ff57af43d 100644
--- a/linux-user/sparc/signal.c
+++ b/linux-user/sparc/signal.c
@@ -254,7 +254,7 @@ void setup_rt_frame(int sig, struct target_sigaction *ka,
long do_sigreturn(CPUSPARCState *env)
{
abi_ulong sf_addr;
- struct target_signal_frame *sf;
+ struct target_signal_frame *sf = NULL;
abi_ulong pc, npc, ptr;
target_sigset_t set;
sigset_t host_set;
@@ -262,18 +262,21 @@ long do_sigreturn(CPUSPARCState *env)
sf_addr = env->regwptr[WREG_SP];
trace_user_do_sigreturn(env, sf_addr);
- if (!lock_user_struct(VERIFY_READ, sf, sf_addr, 1)) {
+
+ /* 1. Make sure we are not getting garbage from the user */
+ if ((sf_addr & 15) || !lock_user_struct(VERIFY_READ, sf, sf_addr, 1)) {
goto segv_and_exit;
}
- /* 1. Make sure we are not getting garbage from the user */
-
- if (sf_addr & 3)
+ /* Make sure stack pointer is aligned. */
+ __get_user(ptr, &sf->regs.u_regs[14]);
+ if (ptr & 7) {
goto segv_and_exit;
+ }
- __get_user(pc, &sf->regs.pc);
+ /* Make sure instruction pointers are aligned. */
+ __get_user(pc, &sf->regs.pc);
__get_user(npc, &sf->regs.npc);
-
if ((pc | npc) & 3) {
goto segv_and_exit;
}
@@ -309,7 +312,7 @@ long do_sigreturn(CPUSPARCState *env)
unlock_user_struct(sf, sf_addr, 0);
return -TARGET_QEMU_ESIGRETURN;
-segv_and_exit:
+ segv_and_exit:
unlock_user_struct(sf, sf_addr, 0);
force_sig(TARGET_SIGSEGV);
return -TARGET_QEMU_ESIGRETURN;
--
2.25.1
next prev parent reply other threads:[~2021-04-26 3:15 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-26 2:53 [PATCH v2 00/25] linux-user/sparc: Implement rt signals Richard Henderson
2021-04-26 2:53 ` [PATCH v2 01/25] linux-user: Split out target_restore_altstack Richard Henderson
2021-04-26 2:53 ` [PATCH v2 02/25] linux-user: Use target_restore_altstack in all sigreturn Richard Henderson
2021-04-26 2:53 ` [PATCH v2 03/25] linux-user: Pass CPUArchState to do_sigaltstack Richard Henderson
2021-04-26 2:53 ` [PATCH v2 04/25] linux-user: Pass CPUArchState to target_restore_altstack Richard Henderson
2021-04-26 2:53 ` [PATCH v2 05/25] linux-user/sparc: Include TARGET_STACK_BIAS in get_sp_from_cpustate Richard Henderson
2021-04-26 2:53 ` [PATCH v2 06/25] linux-user/sparc: Clean up init_thread Richard Henderson
2021-04-26 2:53 ` [PATCH v2 07/25] linux-user/sparc: Merge sparc64 target_syscall.h Richard Henderson
2021-05-17 10:21 ` Laurent Vivier
2021-05-17 17:35 ` Richard Henderson
2021-04-26 2:53 ` [PATCH v2 08/25] linux-user/sparc: Merge sparc64 target_elf.h Richard Henderson
2021-04-26 2:53 ` [PATCH v2 09/25] linux-user/sparc: Merge sparc64 target_structs.h Richard Henderson
2021-04-26 2:53 ` [PATCH v2 10/25] linux-user/sparc: Merge sparc64 termbits.h Richard Henderson
2021-04-26 2:53 ` [PATCH v2 11/25] linux-user/sparc: Merge sparc64/ into sparc/ Richard Henderson
2021-04-26 2:53 ` [PATCH v2 12/25] linux-user/sparc: Remove target_sigcontext as unused Richard Henderson
2021-04-26 2:53 ` [PATCH v2 13/25] linux-user/sparc: Remove target_rt_signal_frame " Richard Henderson
2021-04-26 2:53 ` [PATCH v2 14/25] linux-user/sparc: Fix the stackframe structure Richard Henderson
2021-04-26 2:53 ` [PATCH v2 15/25] linux-user/sparc: Use target_pt_regs Richard Henderson
2021-04-26 2:53 ` [PATCH v2 16/25] linux-user/sparc: Split out save_reg_win Richard Henderson
2021-04-26 2:53 ` [PATCH v2 17/25] linux-user/sparc: Clean up get_sigframe Richard Henderson
2021-04-26 2:53 ` [PATCH v2 18/25] linux-user/sparc: Save and restore fpu in signal frame Richard Henderson
2021-04-26 2:53 ` [PATCH v2 19/25] linux-user/sparc: Add rwin_save to " Richard Henderson
2021-04-26 2:53 ` [PATCH v2 20/25] linux-user/sparc: Clean up setup_frame Richard Henderson
2021-04-26 2:53 ` Richard Henderson [this message]
2021-04-26 2:53 ` [PATCH v2 22/25] linux-user/sparc: Add 64-bit support to fpu save/restore Richard Henderson
2021-04-26 2:53 ` [PATCH v2 23/25] linux-user/sparc: Implement sparc32 rt signals Richard Henderson
2021-04-26 2:53 ` [PATCH v2 24/25] linux-user/sparc: Implement sparc64 " Richard Henderson
2021-04-26 2:53 ` [PATCH v2 25/25] tests/tcg/sparc64: Re-enable linux-test Richard Henderson
2021-04-26 3:06 ` [PATCH v2 00/25] linux-user/sparc: Implement rt signals Richard Henderson
2021-04-26 11:41 ` Alex Bennée
2021-05-15 19:43 ` Laurent Vivier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210426025334.1168495-22-richard.henderson@linaro.org \
--to=richard.henderson@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).