[linux] 02/02: [mips*] Remove pt_regs adjustments in indirect syscall handler (Closes: #867358)

debian-kernel at lists.debian.org debian-kernel at lists.debian.org
Tue Oct 3 18:53:13 UTC 2017



benh pushed a commit to branch stretch
in repository linux.

commit a740ec0d2a25763b9c999130b8693b85df436c45
Author: Ben Hutchings <ben at decadent.org.uk>
Date:   Tue Oct 3 19:50:49 2017 +0100

    [mips*] Remove pt_regs adjustments in indirect syscall handler (Closes: #867358)
---
 debian/changelog                                   |  2 +
 ...-pt_regs-adjustments-in-indirect-syscall-.patch | 84 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 3 files changed, 87 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 0fc8cfb..bf191a7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,8 @@
 linux (4.9.51-2) UNRELEASED; urgency=medium
 
   * [armhf] dts: exynos: Add dwc3 SUSPHY quirk (Closes: #843448)
+  * [mips*] Remove pt_regs adjustments in indirect syscall handler
+    (Closes: #867358)
 
  -- Ben Hutchings <ben at decadent.org.uk>  Sun, 01 Oct 2017 16:14:43 +0100
 
diff --git a/debian/patches/bugfix/mips/mips-remove-pt_regs-adjustments-in-indirect-syscall-.patch b/debian/patches/bugfix/mips/mips-remove-pt_regs-adjustments-in-indirect-syscall-.patch
new file mode 100644
index 0000000..ddc1bc7
--- /dev/null
+++ b/debian/patches/bugfix/mips/mips-remove-pt_regs-adjustments-in-indirect-syscall-.patch
@@ -0,0 +1,84 @@
+From: James Cowgill <James.Cowgill at imgtec.com>
+Date: Fri, 31 Mar 2017 17:09:59 +0100
+Subject: MIPS: Remove pt_regs adjustments in indirect syscall handler
+Origin: https://git.kernel.org/linus/5af2ed36697e2a48cd7d36232212caa6240fe9bb
+Bug-Debian: https://bugs.debian.org/867358
+
+If a restartable syscall is called using the indirect o32 syscall
+handler - eg: syscall(__NR_waitid, ...), then it is possible for the
+incorrect arguments to be passed to the syscall after it has been
+restarted. This is because the syscall handler tries to shift all the
+registers down one place in pt_regs so that when the syscall is restarted,
+the "real" syscall is called instead. Unfortunately it only shifts the
+arguments passed in registers, not the arguments on the user stack. This
+causes the 4th argument to be duplicated when the syscall is restarted.
+
+Fix by removing all the pt_regs shifting so that the indirect syscall
+handler is called again when the syscall is restarted. The comment "some
+syscalls like execve get their arguments from struct pt_regs" is long
+out of date so this should now be safe.
+
+Signed-off-by: James Cowgill <James.Cowgill at imgtec.com>
+Reviewed-by: James Hogan <james.hogan at imgtec.com>
+Tested-by: James Hogan <james.hogan at imgtec.com>
+Cc: linux-mips at linux-mips.org
+Patchwork: https://patchwork.linux-mips.org/patch/15856/
+Signed-off-by: Ralf Baechle <ralf at linux-mips.org>
+---
+ arch/mips/kernel/scall32-o32.S | 11 -----------
+ arch/mips/kernel/scall64-o32.S |  6 ------
+ 2 files changed, 17 deletions(-)
+
+diff --git a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S
+index 27c2f90eeb21..a9a7d78803cd 100644
+--- a/arch/mips/kernel/scall32-o32.S
++++ b/arch/mips/kernel/scall32-o32.S
+@@ -190,12 +190,6 @@ load_a7: user_lw(t8, 28(t0))		# argument #8 from usp
+ 	sll	t1, t0, 2
+ 	beqz	v0, einval
+ 	lw	t2, sys_call_table(t1)		# syscall routine
+-	sw	a0, PT_R2(sp)			# call routine directly on restart
+-
+-	/* Some syscalls like execve get their arguments from struct pt_regs
+-	   and claim zero arguments in the syscall table. Thus we have to
+-	   assume the worst case and shuffle around all potential arguments.
+-	   If you want performance, don't use indirect syscalls. */
+ 
+ 	move	a0, a1				# shift argument registers
+ 	move	a1, a2
+@@ -207,11 +201,6 @@ load_a7: user_lw(t8, 28(t0))		# argument #8 from usp
+ 	sw	t4, 16(sp)
+ 	sw	t5, 20(sp)
+ 	sw	t6, 24(sp)
+-	sw	a0, PT_R4(sp)			# .. and push back a0 - a3, some
+-	sw	a1, PT_R5(sp)			# syscalls expect them there
+-	sw	a2, PT_R6(sp)
+-	sw	a3, PT_R7(sp)
+-	sw	a3, PT_R26(sp)			# update a3 for syscall restarting
+ 	jr	t2
+ 	/* Unreached */
+ 
+diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S
+index c30bc520885f..9ebe3e2403b1 100644
+--- a/arch/mips/kernel/scall64-o32.S
++++ b/arch/mips/kernel/scall64-o32.S
+@@ -198,7 +198,6 @@ LEAF(sys32_syscall)
+ 	dsll	t1, t0, 3
+ 	beqz	v0, einval
+ 	ld	t2, sys32_call_table(t1)		# syscall routine
+-	sd	a0, PT_R2(sp)		# call routine directly on restart
+ 
+ 	move	a0, a1			# shift argument registers
+ 	move	a1, a2
+@@ -207,11 +206,6 @@ LEAF(sys32_syscall)
+ 	move	a4, a5
+ 	move	a5, a6
+ 	move	a6, a7
+-	sd	a0, PT_R4(sp)		# ... and push back a0 - a3, some
+-	sd	a1, PT_R5(sp)		# syscalls expect them there
+-	sd	a2, PT_R6(sp)
+-	sd	a3, PT_R7(sp)
+-	sd	a3, PT_R26(sp)		# update a3 for syscall restarting
+ 	jr	t2
+ 	/* Unreached */
+ 
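Review bot: With the comment block explaining the register shuffle removed, nothing in either handler now says why the argument registers are still moved down (`move a0, a1 # shift argument registers` at lines 88 and 112) while pt_regs is deliberately left untouched; a later maintainer could reasonably "restore" a `sw a0, PT_R2(sp)` without realising it reintroduces the stack-argument duplication on restart that the patch description at lines 48-55 describes. I would add a short comment above that `move` in both files, e.g. `# Do not rewrite pt_regs here: on -ERESTART* the indirect handler is re-entered and reloads every argument, including those on the user stack`. The same point applies to the scall64-o32.S hunk at lines 106-124. Both sys_syscall bodies begin before the first hunk and continue after the last, so the surviving stack-argument copies (`sw t4, 16(sp)` and following in scall32-o32.S) cannot be checked from here; presumably they feed the real syscall's stack arguments and are unrelated to restart.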
diff --git a/debian/patches/series b/debian/patches/series
index de72b33..0a4dce3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -64,6 +64,7 @@ bugfix/x86/platform-x86-ideapad-laptop-add-ideapad-v510-15ikb-t.patch
 bugfix/x86/platform-x86-ideapad-laptop-add-several-models-to-no.patch
 bugfix/powerpc/powerpc-invalidate-erat-on-powersave-wakeup-for-power9.patch
 bugfix/arm/arm-dts-exynos-add-dwc3-susphy-quirk.patch
+bugfix/mips/mips-remove-pt_regs-adjustments-in-indirect-syscall-.patch
 
 # Arch features
 features/mips/MIPS-increase-MAX-PHYSMEM-BITS-on-Loongson-3-only.patch
