On 6 April 2018 at 16:17, Christophe Lyon <christophe.l...@st.com> wrote: > The FDPIC restorer needs to deal with a function descriptor, hence we > have to extend 'retcode' such that it can hold the instructions needed > to perform this. > > The restorer sequence uses the same thumbness as the exception > handler (mainly to support Thumb-only architectures). > > Co-Authored-By: Mickaël Guêné <mickael.gu...@st.com> > Signed-off-by: Christophe Lyon <christophe.l...@st.com>
> +#if defined(CONFIG_USE_FDPIC) > +/* > + * Stub needed to make sure the FD register (r9) contains the right > + * value. > + */ > +static const unsigned long sigreturn_fdpic_codes[3] = { > + 0xe59fc004, /* ldr r12, [pc, #4] to read function descriptor */ > + 0xe59c9004, /* ldr r9, [r12, #4] to setup GOT */ > + 0xe59cf000 /* ldr pc, [r12] to jump into restorer */ > +}; > + > +static const unsigned long sigreturn_fdpic_thumb_codes[3] = { > + 0xc008f8df, /* ldr r12, [pc, #8] to read function descriptor */ > + 0x9004f8dc, /* ldr r9, [r12, #4] to setup GOT */ > + 0xf000f8dc /* ldr pc, [r12] to jump into restorer */ > +}; > +#endif > > static inline int valid_user_regs(CPUARMState *regs) > { > @@ -2143,7 +2160,19 @@ setup_return(CPUARMState *env, struct target_sigaction > *ka, > { > abi_ulong handler = ka->_sa_handler; > abi_ulong retcode; > + > +#ifdef CONFIG_USE_FDPIC > + int thumb; > + > + if (env->is_fdpic) { > + thumb = (((abi_ulong *)g2h(ka->_sa_handler))[0]) & 1; > + } else { > + thumb = handler & 1; > + } Dereferencing a pointer obtained by a raw g2h() is very likely wrong. You want either to use one of the get_user_*() macros, or a lock_user/__get_user/unlock_user sequence, so that you can detect whether the guest actually has read access to the address, and correctly handle the case where it does not. thanks -- PMM