提交 4393c4f6 编写于 作者: B Benjamin Herrenschmidt 提交者: Paul Mackerras

[POWERPC] Make alignment exception always check exception table

The alignment exception used to only check the exception table for
-EFAULT, not for other errors. That opens an oops window if we can
coerce the kernel into getting an alignment exception for other reasons
in what would normally be a user-protected accessor, which can be done
via some of the futex ops. This fixes it by always checking the
exception tables.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: NPaul Mackerras <paulus@samba.org>
上级 0d69a052
...@@ -843,7 +843,7 @@ void __kprobes program_check_exception(struct pt_regs *regs) ...@@ -843,7 +843,7 @@ void __kprobes program_check_exception(struct pt_regs *regs)
void alignment_exception(struct pt_regs *regs) void alignment_exception(struct pt_regs *regs)
{ {
int fixed = 0; int sig, code, fixed = 0;
/* we don't implement logging of alignment exceptions */ /* we don't implement logging of alignment exceptions */
if (!(current->thread.align_ctl & PR_UNALIGN_SIGBUS)) if (!(current->thread.align_ctl & PR_UNALIGN_SIGBUS))
...@@ -857,14 +857,16 @@ void alignment_exception(struct pt_regs *regs) ...@@ -857,14 +857,16 @@ void alignment_exception(struct pt_regs *regs)
/* Operand address was bad */ /* Operand address was bad */
if (fixed == -EFAULT) { if (fixed == -EFAULT) {
if (user_mode(regs)) sig = SIGSEGV;
_exception(SIGSEGV, regs, SEGV_ACCERR, regs->dar); code = SEGV_ACCERR;
else } else {
/* Search exception table */ sig = SIGBUS;
bad_page_fault(regs, regs->dar, SIGSEGV); code = BUS_ADRALN;
return;
} }
_exception(SIGBUS, regs, BUS_ADRALN, regs->dar); if (user_mode(regs))
_exception(sig, regs, code, regs->dar);
else
bad_page_fault(regs, regs->dar, sig);
} }
void StackOverflow(struct pt_regs *regs) void StackOverflow(struct pt_regs *regs)
......
...@@ -708,7 +708,7 @@ void single_step_exception(struct pt_regs *regs) ...@@ -708,7 +708,7 @@ void single_step_exception(struct pt_regs *regs)
void alignment_exception(struct pt_regs *regs) void alignment_exception(struct pt_regs *regs)
{ {
int fixed; int sig, code, fixed = 0;
fixed = fix_alignment(regs); fixed = fix_alignment(regs);
if (fixed == 1) { if (fixed == 1) {
...@@ -717,14 +717,16 @@ void alignment_exception(struct pt_regs *regs) ...@@ -717,14 +717,16 @@ void alignment_exception(struct pt_regs *regs)
return; return;
} }
if (fixed == -EFAULT) { if (fixed == -EFAULT) {
/* fixed == -EFAULT means the operand address was bad */ sig = SIGSEGV;
if (user_mode(regs)) code = SEGV_ACCERR;
_exception(SIGSEGV, regs, SEGV_ACCERR, regs->dar); } else {
else sig = SIGBUS;
bad_page_fault(regs, regs->dar, SIGSEGV); code = BUS_ADRALN;
return;
} }
_exception(SIGBUS, regs, BUS_ADRALN, regs->dar); if (user_mode(regs))
_exception(sig, regs, code, regs->dar);
else
bad_page_fault(regs, regs->dar, sig);
} }
void StackOverflow(struct pt_regs *regs) void StackOverflow(struct pt_regs *regs)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册