sh: sanitize the flags on sigreturn · tjh.dev/kernel@573b22c

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

sh: sanitize the flags on sigreturn

We fetch %SR value from sigframe; it might have been modified by signal
handler, so we can't trust it with any bits that are not modifiable in
user mode.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Cc: Rich Felker <dalias@libc.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

Al Viro and committed by

Linus Torvalds 3 years ago 573b22cc 6a98c9ca

2 changed files

expand all

arch

include

asm

processor_32.h

kernel

signal_32.c

arch/sh/include/asm/processor_32.h

··· 50 50 #define SR_FD 0x00008000 51 51 #define SR_MD 0x40000000 52 52 53 + #define SR_USER_MASK 0x00000303 // M, Q, S, T bits 53 54 /* 54 55 * DSP structure and data 55 56 */

arch/sh/kernel/signal_32.c

··· 115 115 restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *sc, int *r0_p) 116 116 { 117 117 unsigned int err = 0; 118 + unsigned int sr = regs->sr & ~SR_USER_MASK; 118 119 119 120 #define COPY(x) err |= __get_user(regs->x, &sc->sc_##x) 120 121 COPY(regs[1]); ··· 130 129 COPY(macl); COPY(pr); 131 130 COPY(sr); COPY(pc); 132 131 #undef COPY 132 + 133 + regs->sr = (regs->sr & SR_USER_MASK) | sr; 133 134 134 135 #ifdef CONFIG_SH_FPU 135 136 if (boot_cpu_data.flags & CPU_HAS_FPU) {

Configure Feed

Configure Feed