michaelh/zephyr
1
0
Fork 0
Code Releases Activity

arm: syscalls: fix some register issues

Browse source 
Upon return from a syscall handlers, the r1, r2, and r3 registers
could contain random kernel data that should not be leaked to user
mode. Zero these out before returning from _arm_do_syscall().
Fixes #7753.

The invocation macros need a clobber if r1, r2, or r3 are not used
to carry syscall arguments. This is a partial fix for #7754 but
there appear to be other issues.

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This commit is contained in:
Andrew Boie 2018-05-22 09:37:18 -07:00 committed by Andrew Boie
commit 9731a0cce9
2 changed files with 12 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
include/arch/arm/arch.h
View file

@ -425,7 +425,7 @@ static inline u32_t _arch_syscall_invoke3(u32_t arg1, u32_t arg2, u32_t arg3,
: "=r"(ret)
: [svid] "i" (_SVC_CALL_SYSTEM_CALL),
"r" (ret), "r" (r1), "r" (r2), "r" (r6)
: "r7", "memory");
: "r7", "memory", "r3");
return ret;
}
@ -440,7 +440,7 @@ static inline u32_t _arch_syscall_invoke2(u32_t arg1, u32_t arg2, u32_t call_id)
: "=r"(ret)
: [svid] "i" (_SVC_CALL_SYSTEM_CALL),
"r" (ret), "r" (r1), "r" (r6)
: "r7", "memory");
: "r7", "memory", "r2", "r3");
return ret;
}
@ -454,7 +454,7 @@ static inline u32_t _arch_syscall_invoke1(u32_t arg1, u32_t call_id)
: "=r"(ret)
: [svid] "i" (_SVC_CALL_SYSTEM_CALL),
"r" (ret), "r" (r6)
: "r7", "memory");
: "r7", "memory", "r1", "r2", "r3");
return ret;
}
@ -467,7 +467,7 @@ static inline u32_t _arch_syscall_invoke0(u32_t call_id)
: "=r"(ret)
: [svid] "i" (_SVC_CALL_SYSTEM_CALL),
"r" (ret), "r" (r6)
: "r7", "memory");
: "r7", "memory", "r1", "r2", "r3");
return ret;
}