summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Neuling <mikey@neuling.org>2008-07-08 18:43:41 +1000
committerBenjamin Herrenschmidt <benh@kernel.crashing.org>2008-07-09 16:30:47 +1000
commitc1cb299ead405f0ac065c4430729549b187e5b32 (patch)
treef61b78d06c8bc49e5b671bd065464613758dcefb
parent1b17adf19b4d66858f366acd82b4e81cba5edc93 (diff)
powerpc: fix swapcontext backwards compat. with VSX ucontext changes
When the ucontext changed to add the VSX context, this broke backwards compatibly on swapcontext. swapcontext only compares the ucontext size passed in from the user to the new kernel ucontext size. This adds a check against the old ucontext size (with VMX but without VSX). It also adds some sanity check for ucontexts without VSX, but where VSX is used according the MSR. Fixes for both 32 and 64bit processes on 64bit kernels Kudos to Paulus for noticing. Signed-off-by: Michael Neuling <mikey@neuling.org> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
-rw-r--r--arch/powerpc/kernel/signal_32.c39
-rw-r--r--arch/powerpc/kernel/signal_64.c36
2 files changed, 70 insertions, 5 deletions
diff --git a/arch/powerpc/kernel/signal_32.c b/arch/powerpc/kernel/signal_32.c
index 9991e2a58bf..6f6810db0a7 100644
--- a/arch/powerpc/kernel/signal_32.c
+++ b/arch/powerpc/kernel/signal_32.c
@@ -68,6 +68,13 @@
#define ucontext ucontext32
/*
+ * Userspace code may pass a ucontext which doesn't include VSX added
+ * at the end. We need to check for this case.
+ */
+#define UCONTEXTSIZEWITHOUTVSX \
+ (sizeof(struct ucontext) - sizeof(elf_vsrreghalf_t32))
+
+/*
* Returning 0 means we return to userspace via
* ret_from_except and thus restore all user
* registers from *regs. This is what we need
@@ -930,12 +937,42 @@ long sys_swapcontext(struct ucontext __user *old_ctx,
{
unsigned char tmp;
+#ifdef CONFIG_PPC64
+ unsigned long new_msr = 0;
+
+ if (new_ctx &&
+ __get_user(new_msr, &new_ctx->uc_mcontext.mc_gregs[PT_MSR]))
+ return -EFAULT;
+ /*
+ * Check that the context is not smaller than the original
+ * size (with VMX but without VSX)
+ */
+ if (ctx_size < UCONTEXTSIZEWITHOUTVSX)
+ return -EINVAL;
+ /*
+ * If the new context state sets the MSR VSX bits but
+ * it doesn't provide VSX state.
+ */
+ if ((ctx_size < sizeof(struct ucontext)) &&
+ (new_msr & MSR_VSX))
+ return -EINVAL;
+#ifdef CONFIG_VSX
+ /*
+ * If userspace doesn't provide enough room for VSX data,
+ * but current thread has used VSX, we don't have anywhere
+ * to store the full context back into.
+ */
+ if ((ctx_size < sizeof(struct ucontext)) &&
+ (current->thread.used_vsr && old_ctx))
+ return -EINVAL;
+#endif
+#else
/* Context size is for future use. Right now, we only make sure
* we are passed something we understand
*/
if (ctx_size < sizeof(struct ucontext))
return -EINVAL;
-
+#endif
if (old_ctx != NULL) {
struct mcontext __user *mctx;
diff --git a/arch/powerpc/kernel/signal_64.c b/arch/powerpc/kernel/signal_64.c
index 93ebfb6944b..5f9d2ef2e24 100644
--- a/arch/powerpc/kernel/signal_64.c
+++ b/arch/powerpc/kernel/signal_64.c
@@ -268,6 +268,13 @@ static long setup_trampoline(unsigned int syscall, unsigned int __user *tramp)
}
/*
+ * Userspace code may pass a ucontext which doesn't include VSX added
+ * at the end. We need to check for this case.
+ */
+#define UCONTEXTSIZEWITHOUTVSX \
+ (sizeof(struct ucontext) - 32*sizeof(long))
+
+/*
* Handle {get,set,swap}_context operations
*/
int sys_swapcontext(struct ucontext __user *old_ctx,
@@ -276,13 +283,34 @@ int sys_swapcontext(struct ucontext __user *old_ctx,
{
unsigned char tmp;
sigset_t set;
+ unsigned long new_msr = 0;
- /* Context size is for future use. Right now, we only make sure
- * we are passed something we understand
+ if (new_ctx &&
+ __get_user(new_msr, &new_ctx->uc_mcontext.gp_regs[PT_MSR]))
+ return -EFAULT;
+ /*
+ * Check that the context is not smaller than the original
+ * size (with VMX but without VSX)
*/
- if (ctx_size < sizeof(struct ucontext))
+ if (ctx_size < UCONTEXTSIZEWITHOUTVSX)
return -EINVAL;
-
+ /*
+ * If the new context state sets the MSR VSX bits but
+ * it doesn't provide VSX state.
+ */
+ if ((ctx_size < sizeof(struct ucontext)) &&
+ (new_msr & MSR_VSX))
+ return -EINVAL;
+#ifdef CONFIG_VSX
+ /*
+ * If userspace doesn't provide enough room for VSX data,
+ * but current thread has used VSX, we don't have anywhere
+ * to store the full context back into.
+ */
+ if ((ctx_size < sizeof(struct ucontext)) &&
+ (current->thread.used_vsr && old_ctx))
+ return -EINVAL;
+#endif
if (old_ctx != NULL) {
if (!access_ok(VERIFY_WRITE, old_ctx, sizeof(*old_ctx))
|| setup_sigcontext(&old_ctx->uc_mcontext, regs, 0, NULL, 0)