提交 4393c4f6 编写于 作者: B Benjamin Herrenschmidt 提交者: Paul Mackerras

[POWERPC] Make alignment exception always check exception table

The alignment exception used to only check the exception table for
-EFAULT, not for other errors. That opens an oops window if we can
coerce the kernel into getting an alignment exception for other reasons
in what would normally be a user-protected accessor, which can be done
via some of the futex ops. This fixes it by always checking the
exception tables.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: NPaul Mackerras <paulus@samba.org>
上级 0d69a052
......@@ -843,7 +843,7 @@ void __kprobes program_check_exception(struct pt_regs *regs)
void alignment_exception(struct pt_regs *regs)
{
int fixed = 0;
int sig, code, fixed = 0;
/* we don't implement logging of alignment exceptions */
if (!(current->thread.align_ctl & PR_UNALIGN_SIGBUS))
......@@ -857,14 +857,16 @@ void alignment_exception(struct pt_regs *regs)
/* Operand address was bad */
if (fixed == -EFAULT) {
if (user_mode(regs))
_exception(SIGSEGV, regs, SEGV_ACCERR, regs->dar);
else
/* Search exception table */
bad_page_fault(regs, regs->dar, SIGSEGV);
return;
sig = SIGSEGV;
code = SEGV_ACCERR;
} else {
sig = SIGBUS;
code = BUS_ADRALN;
}
_exception(SIGBUS, regs, BUS_ADRALN, regs->dar);
if (user_mode(regs))
_exception(sig, regs, code, regs->dar);
else
bad_page_fault(regs, regs->dar, sig);
}
void StackOverflow(struct pt_regs *regs)
......
......@@ -708,7 +708,7 @@ void single_step_exception(struct pt_regs *regs)
void alignment_exception(struct pt_regs *regs)
{
int fixed;
int sig, code, fixed = 0;
fixed = fix_alignment(regs);
if (fixed == 1) {
......@@ -717,14 +717,16 @@ void alignment_exception(struct pt_regs *regs)
return;
}
if (fixed == -EFAULT) {
/* fixed == -EFAULT means the operand address was bad */
if (user_mode(regs))
_exception(SIGSEGV, regs, SEGV_ACCERR, regs->dar);
else
bad_page_fault(regs, regs->dar, SIGSEGV);
return;
sig = SIGSEGV;
code = SEGV_ACCERR;
} else {
sig = SIGBUS;
code = BUS_ADRALN;
}
_exception(SIGBUS, regs, BUS_ADRALN, regs->dar);
if (user_mode(regs))
_exception(sig, regs, code, regs->dar);
else
bad_page_fault(regs, regs->dar, sig);
}
void StackOverflow(struct pt_regs *regs)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册