提交 5c6b76fc 编写于 作者: J Jon Medhurst 提交者: Nicolas Pitre

ARM: kprobes: Fix emulation of LDRD and STRD instructions

The decoding of these instructions got the register indexed and
immediate indexed forms the wrong way around, causing incorrect
emulation.

Instructions like "LDRD Rx, [Rx]" were corrupting Rx because the base
register writeback was being performed unconditionally, overwriting the
value just loaded from memory. The fix is to only writeback the base
register when that form of the instruction is used. Note, now that we
reject probing writeback with PC the emulation code doesn't need the
check rn!=15.
Signed-off-by: NJon Medhurst <tixy@yxit.co.uk>
Signed-off-by: NNicolas Pitre <nicolas.pitre@linaro.org>
上级 54823acc
...@@ -560,8 +560,8 @@ static void __kprobes emulate_ldrd(struct kprobe *p, struct pt_regs *regs) ...@@ -560,8 +560,8 @@ static void __kprobes emulate_ldrd(struct kprobe *p, struct pt_regs *regs)
[i_fn] "r" (i_fn) [i_fn] "r" (i_fn)
: "r0", "r1", "r2", "r3", "lr", "cc" : "r0", "r1", "r2", "r3", "lr", "cc"
); );
if (rn != 15) if (is_writeback(insn))
regs->uregs[rn] = rnv; /* Save Rn in case of writeback. */ regs->uregs[rn] = rnv;
} }
static void __kprobes emulate_strd(struct kprobe *p, struct pt_regs *regs) static void __kprobes emulate_strd(struct kprobe *p, struct pt_regs *regs)
...@@ -580,8 +580,8 @@ static void __kprobes emulate_strd(struct kprobe *p, struct pt_regs *regs) ...@@ -580,8 +580,8 @@ static void __kprobes emulate_strd(struct kprobe *p, struct pt_regs *regs)
rnv_wb = insnslot_4arg_rflags(rnv, rmv, regs->uregs[rd], rnv_wb = insnslot_4arg_rflags(rnv, rmv, regs->uregs[rd],
regs->uregs[rd+1], regs->uregs[rd+1],
regs->ARM_cpsr, i_fn); regs->ARM_cpsr, i_fn);
if (rn != 15) if (is_writeback(insn))
regs->uregs[rn] = rnv_wb; /* Save Rn in case of writeback. */ regs->uregs[rn] = rnv_wb;
} }
static void __kprobes emulate_ldr(struct kprobe *p, struct pt_regs *regs) static void __kprobes emulate_ldr(struct kprobe *p, struct pt_regs *regs)
...@@ -1183,8 +1183,8 @@ space_cccc_000x(kprobe_opcode_t insn, struct arch_specific_insn *asi) ...@@ -1183,8 +1183,8 @@ space_cccc_000x(kprobe_opcode_t insn, struct arch_specific_insn *asi)
insn &= 0xfff00fff; insn &= 0xfff00fff;
insn |= 0x00002000; /* Rn = r0, Rd = r2 */ insn |= 0x00002000; /* Rn = r0, Rd = r2 */
if (insn & (1 << 22)) { if (!(insn & (1 << 22))) {
/* I bit */ /* Register index */
insn &= ~0xf; insn &= ~0xf;
insn |= 1; /* Rm = r1 */ insn |= 1; /* Rm = r1 */
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册