| Message ID | 20211020174406.17889-5-ebiederm@xmission.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Headers | show |
| Series | exit cleanups | expand |
On Wed, Oct 20, 2021 at 12:43:51PM -0500, Eric W. Biederman wrote: > When an instruction to save or restore a register from the stack fails > in _save_fp_context or _restore_fp_context return with -EFAULT. This > change was made to r2300_fpu.S[1] but it looks like it got lost with > the introduction of EX2[2]. This is also what the other implementation > of _save_fp_context and _restore_fp_context in r4k_fpu.S does, and > what is needed for the callers to be able to handle the error. > > Furthermore calling do_exit(SIGSEGV) from bad_stack is wrong because > it does not terminate the entire process it just terminates a single > thread. > > As the changed code was the only caller of arch/mips/kernel/syscall.c:bad_stack > remove the problematic and now unused helper function. > > Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de> > Cc: Maciej Rozycki <macro@orcam.me.uk> > Cc: linux-mips@vger.kernel.org > [1] 35938a00ba86 ("MIPS: Fix ISA I FP sigcontext access violation handling") > [2] f92722dc4545 ("MIPS: Correct MIPS I FP sigcontext layout") > Fixes: f92722dc4545 ("MIPS: Correct MIPS I FP sigcontext layout") > Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Reviewed-by: Kees Cook <keescook@chromium.org>
On Wed, 20 Oct 2021, Eric W. Biederman wrote: > When an instruction to save or restore a register from the stack fails > in _save_fp_context or _restore_fp_context return with -EFAULT. This > change was made to r2300_fpu.S[1] but it looks like it got lost with > the introduction of EX2[2]. This is also what the other implementation > of _save_fp_context and _restore_fp_context in r4k_fpu.S does, and > what is needed for the callers to be able to handle the error. Umm, right, good catch, thanks! I think this ought to be backported. Acked-by: Maciej W. Rozycki <macro@orcam.me.uk> Maciej
On Wed, Oct 20, 2021 at 12:43:51PM -0500, Eric W. Biederman wrote: > When an instruction to save or restore a register from the stack fails > in _save_fp_context or _restore_fp_context return with -EFAULT. This > change was made to r2300_fpu.S[1] but it looks like it got lost with > the introduction of EX2[2]. This is also what the other implementation > of _save_fp_context and _restore_fp_context in r4k_fpu.S does, and > what is needed for the callers to be able to handle the error. > > Furthermore calling do_exit(SIGSEGV) from bad_stack is wrong because > it does not terminate the entire process it just terminates a single > thread. > > As the changed code was the only caller of arch/mips/kernel/syscall.c:bad_stack > remove the problematic and now unused helper function. > > Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de> > Cc: Maciej Rozycki <macro@orcam.me.uk> > Cc: linux-mips@vger.kernel.org > [1] 35938a00ba86 ("MIPS: Fix ISA I FP sigcontext access violation handling") > [2] f92722dc4545 ("MIPS: Correct MIPS I FP sigcontext layout") > Fixes: f92722dc4545 ("MIPS: Correct MIPS I FP sigcontext layout") > Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> > --- > arch/mips/kernel/r2300_fpu.S | 4 ++-- > arch/mips/kernel/syscall.c | 9 --------- > 2 files changed, 2 insertions(+), 11 deletions(-) Acked-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
"Maciej W. Rozycki" <macro@orcam.me.uk> writes: > On Wed, 20 Oct 2021, Eric W. Biederman wrote: > >> When an instruction to save or restore a register from the stack fails >> in _save_fp_context or _restore_fp_context return with -EFAULT. This >> change was made to r2300_fpu.S[1] but it looks like it got lost with >> the introduction of EX2[2]. This is also what the other implementation >> of _save_fp_context and _restore_fp_context in r4k_fpu.S does, and >> what is needed for the callers to be able to handle the error. > > Umm, right, good catch, thanks! I think this ought to be backported. > > Acked-by: Maciej W. Rozycki <macro@orcam.me.uk> > I will add a CC stable. So it can be backported after it is merged. Eric
diff --git a/arch/mips/kernel/r2300_fpu.S b/arch/mips/kernel/r2300_fpu.S index 12e58053544f..cbf6db98cfb3 100644 --- a/arch/mips/kernel/r2300_fpu.S +++ b/arch/mips/kernel/r2300_fpu.S @@ -29,8 +29,8 @@ #define EX2(a,b) \ 9: a,##b; \ .section __ex_table,"a"; \ - PTR 9b,bad_stack; \ - PTR 9b+4,bad_stack; \ + PTR 9b,fault; \ + PTR 9b+4,fault; \ .previous .set mips1 diff --git a/arch/mips/kernel/syscall.c b/arch/mips/kernel/syscall.c index 2afa3eef486a..5512cd586e6e 100644 --- a/arch/mips/kernel/syscall.c +++ b/arch/mips/kernel/syscall.c @@ -240,12 +240,3 @@ SYSCALL_DEFINE3(cachectl, char *, addr, int, nbytes, int, op) { return -ENOSYS; } - -/* - * If we ever come here the user sp is bad. Zap the process right away. - * Due to the bad stack signaling wouldn't work. - */ -asmlinkage void bad_stack(void) -{ - do_exit(SIGSEGV); -}
When an instruction to save or restore a register from the stack fails in _save_fp_context or _restore_fp_context return with -EFAULT. This change was made to r2300_fpu.S[1] but it looks like it got lost with the introduction of EX2[2]. This is also what the other implementation of _save_fp_context and _restore_fp_context in r4k_fpu.S does, and what is needed for the callers to be able to handle the error. Furthermore calling do_exit(SIGSEGV) from bad_stack is wrong because it does not terminate the entire process it just terminates a single thread. As the changed code was the only caller of arch/mips/kernel/syscall.c:bad_stack remove the problematic and now unused helper function. Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de> Cc: Maciej Rozycki <macro@orcam.me.uk> Cc: linux-mips@vger.kernel.org [1] 35938a00ba86 ("MIPS: Fix ISA I FP sigcontext access violation handling") [2] f92722dc4545 ("MIPS: Correct MIPS I FP sigcontext layout") Fixes: f92722dc4545 ("MIPS: Correct MIPS I FP sigcontext layout") Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> --- arch/mips/kernel/r2300_fpu.S | 4 ++-- arch/mips/kernel/syscall.c | 9 --------- 2 files changed, 2 insertions(+), 11 deletions(-)