xtensa: userspace: fix incorrectly passed syscall frame pointer
Calling z_mrsh_* functions require 7 arguments where the 7th is the stack frame. Only the first 6 arguments are passed by registers where the 7th must be done via stack. However, this is not being done and an incorrect argument was being passed to the z_mrsh_* functions as stack frame pointer. An obvious issue would be dumping of stack during kernel oops, as incorrect data was being printed or crashes due to inaccessible memory. So fix it by properly populating the stack with correct stack frame pointer as outgoing argument for the caller of z_mrsh_* functions. Signed-off-by: Daniel Leung <daniel.leung@intel.com>
This commit is contained in:
parent
857abb8276
commit
5db5e8e109
1 changed files with 15 additions and 1 deletions
|
@ -135,7 +135,15 @@ _id_ok:
|
|||
mov a11, a9
|
||||
mov a8, a4
|
||||
mov a9, a5
|
||||
l32i a3, a1, 0
|
||||
|
||||
/* Stack frame pointer is the 7th argument to z_mrsh_*()
|
||||
* as ssf, and must be put on stack to be consumed.
|
||||
*/
|
||||
mov a3, a1
|
||||
addi a1, a1, -4
|
||||
s32i a3, a1, 0
|
||||
|
||||
l32i a3, a1, 4
|
||||
l32i a7, a3, ___xtensa_irq_bsa_t_a3_OFFSET
|
||||
|
||||
|
||||
|
@ -148,6 +156,12 @@ _id_ok:
|
|||
|
||||
callx4 a2
|
||||
|
||||
/* Going back before stack frame pointer on stack to
|
||||
* actual the stack frame. So restoration of registers
|
||||
* can be done properly when finishing syscalls.
|
||||
*/
|
||||
addi a1, a1, 4
|
||||
|
||||
/* copy return value. Lets put it in the top of stack
|
||||
* because registers will be clobbered in
|
||||
* xtensa_restore_high_regs
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue