arch: arc: fix the bug of blt in syscall
blt is signed comparsion, if r6 is a negative number created by malicious code, it will pass the check, bring a secure risk. use blo (unsinged comparison) to do the check. Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
This commit is contained in:
Wayne Ren
Johan Hedberg
parent
bf8caf3956
commit
5f0650b596
1 changed files with 1 additions and 1 deletions
|
|
@ -206,7 +206,7 @@ SECTION_SUBSEC_FUNC(TEXT,__fault,__ev_trap)
|
||||||
/* do sys_call */
|
/* do sys_call */
|
||||||
mov_s ilink, K_SYSCALL_LIMIT
|
mov_s ilink, K_SYSCALL_LIMIT
|
||||||
cmp r6, ilink
|
cmp r6, ilink
|
||||||
blt valid_syscall_id
|
blo valid_syscall_id
|
||||||
|
|
||||||
mov_s r0, r6
|
mov_s r0, r6
|
||||||
mov_s r6, K_SYSCALL_BAD
|
mov_s r6, K_SYSCALL_BAD
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue