CVS commit: [netbsd-9] src/sys/arch/amd64/amd64
Module Name:src
Committed By: martin
Date: Wed Nov 27 11:11:17 UTC 2019
Modified Files:
src/sys/arch/amd64/amd64 [netbsd-9]: netbsd32_machdep.c
Log Message:
Pull up following revision(s) (requested by msaitoh in ticket #488):
sys/arch/amd64/amd64/netbsd32_machdep.c: revision 1.126
Don't depend on #ifdef USER_LDT in cpu_mcontext32_validate(), but rather on
whether the proc uses a user-set LDT. Same as check_sigcontext32().
To generate a diff of this commit:
cvs rdiff -u -r1.125.2.1 -r1.125.2.2 \
src/sys/arch/amd64/amd64/netbsd32_machdep.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/amd64/amd64/netbsd32_machdep.c
diff -u src/sys/arch/amd64/amd64/netbsd32_machdep.c:1.125.2.1 src/sys/arch/amd64/amd64/netbsd32_machdep.c:1.125.2.2
--- src/sys/arch/amd64/amd64/netbsd32_machdep.c:1.125.2.1 Thu Nov 21 14:02:33 2019
+++ src/sys/arch/amd64/amd64/netbsd32_machdep.c Wed Nov 27 11:11:17 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: netbsd32_machdep.c,v 1.125.2.1 2019/11/21 14:02:33 martin Exp $ */
+/* $NetBSD: netbsd32_machdep.c,v 1.125.2.2 2019/11/27 11:11:17 martin Exp $ */
/*
* Copyright (c) 2001 Wasabi Systems, Inc.
@@ -36,7 +36,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: netbsd32_machdep.c,v 1.125.2.1 2019/11/21 14:02:33 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: netbsd32_machdep.c,v 1.125.2.2 2019/11/27 11:11:17 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_compat_netbsd.h"
@@ -905,12 +905,6 @@ startlwp32(void *arg)
userret(l);
}
-/*
- * For various reasons, the amd64 port can't do what the i386 port does,
- * and relies on catching invalid user contexts on exit from the kernel.
- * These functions perform the needed checks.
- */
-
int
check_sigcontext32(struct lwp *l, const struct netbsd32_sigcontext *scp)
{
@@ -925,21 +919,22 @@ check_sigcontext32(struct lwp *l, const
return EINVAL;
if (__predict_false(pmap->pm_ldt != NULL)) {
- /* Only when the LDT is user-set (with USER_LDT) */
+ /* Allow unfamiliar segment register values (USER_LDT). */
if (!USERMODE(scp->sc_cs))
return EINVAL;
} else {
if (!VALID_USER_CSEL32(scp->sc_cs))
return EINVAL;
if (scp->sc_fs != 0 && !VALID_USER_DSEL32(scp->sc_fs) &&
- !(VALID_USER_FSEL32(scp->sc_fs) && pcb->pcb_fs != 0))
+ !(VALID_USER_FSEL32(scp->sc_fs) && pcb->pcb_fs != 0))
return EINVAL;
if (scp->sc_gs != 0 && !VALID_USER_DSEL32(scp->sc_gs) &&
- !(VALID_USER_GSEL32(scp->sc_gs) && pcb->pcb_gs != 0))
+ !(VALID_USER_GSEL32(scp->sc_gs) && pcb->pcb_gs != 0))
return EINVAL;
if (scp->sc_es != 0 && !VALID_USER_DSEL32(scp->sc_es))
return EINVAL;
- if (!VALID_USER_DSEL32(scp->sc_ds) || !VALID_USER_DSEL32(scp->sc_ss))
+ if (!VALID_USER_DSEL32(scp->sc_ds) ||
+ !VALID_USER_DSEL32(scp->sc_ss))
return EINVAL;
}
@@ -952,36 +947,37 @@ check_sigcontext32(struct lwp *l, const
int
cpu_mcontext32_validate(struct lwp *l, const mcontext32_t *mcp)
{
+ struct pmap *pmap = l->l_proc->p_vmspace->vm_map.pmap;
const __greg32_t *gr;
struct trapframe *tf;
+ struct pcb *pcb;
gr = mcp->__gregs;
tf = l->l_md.md_regs;
+ pcb = lwp_getpcb(l);
if (((gr[_REG32_EFL] ^ tf->tf_rflags) & PSL_USERSTATIC) != 0)
return EINVAL;
-#ifdef USER_LDT
- /* Userland is allowed to have unfamiliar segment register values */
- if (!USERMODE(gr[_REG32_CS]))
- return EINVAL;
-#else
- struct pcb *pcb = lwp_getpcb(l);
-
- if (!VALID_USER_CSEL32(gr[_REG32_CS]))
- return EINVAL;
- if (gr[_REG32_FS] != 0 && !VALID_USER_DSEL32(gr[_REG32_FS]) &&
- !(VALID_USER_FSEL32(gr[_REG32_FS]) && pcb->pcb_fs != 0))
- return EINVAL;
- if (gr[_REG32_GS] != 0 && !VALID_USER_DSEL32(gr[_REG32_GS]) &&
- !(VALID_USER_GSEL32(gr[_REG32_GS]) && pcb->pcb_gs != 0))
- return EINVAL;
- if (gr[_REG32_ES] != 0 && !VALID_USER_DSEL32(gr[_REG32_ES]))
- return EINVAL;
- if (!VALID_USER_DSEL32(gr[_REG32_DS]) ||
- !VALID_USER_DSEL32(gr[_REG32_SS]))
- return EINVAL;
-#endif
+ if (__predict_false(pmap->pm_ldt != NULL)) {
+ /* Allow unfamiliar segment register values (USER_LDT). */
+ if (!USERMODE(gr[_REG32_CS]))
+ return EINVAL;
+ } else {
+ if (!VALID_USER_CSEL32(gr[_REG32_CS]))
+ return EINVAL;
+ if (gr[_REG32_FS] != 0 && !VALID_USER_DSEL32(gr[_REG32_FS]) &&
+ !(VALID_USER_FSEL32(gr[_REG32_FS]) && pcb->pcb_fs != 0))
+ return EINVAL;
+ if (gr[_REG32_GS] != 0 && !VALID_USER_DSEL32(gr[_REG32_GS]) &&
+ !(VALID_USER_GSEL32(gr[_REG32_GS]) && pcb->pcb_gs != 0))
+ return EINVAL;
+ if (gr[_REG32_ES] != 0 && !VALID_USER_DSEL32(gr[_REG32_ES]))
+ return EINVAL;
+ if (!VALID_USER_DSEL32(gr[_REG32_DS]) ||
+ !VALID_USER_DSEL32(gr[_REG32_SS]))
+ return EINVAL;
+ }
if (gr[_REG32_EIP] >= VM_MAXUSER_ADDRESS32)
return EINVAL;
CVS commit: [netbsd-9] src/sys/arch/amd64/amd64
Module Name:src Committed By: martin Date: Wed Nov 27 11:11:17 UTC 2019 Modified Files: src/sys/arch/amd64/amd64 [netbsd-9]: netbsd32_machdep.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #488): sys/arch/amd64/amd64/netbsd32_machdep.c: revision 1.126 Don't depend on #ifdef USER_LDT in cpu_mcontext32_validate(), but rather on whether the proc uses a user-set LDT. Same as check_sigcontext32(). To generate a diff of this commit: cvs rdiff -u -r1.125.2.1 -r1.125.2.2 \ src/sys/arch/amd64/amd64/netbsd32_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/arch/amd64/amd64
Module Name:src Committed By: martin Date: Thu Nov 21 14:02:33 UTC 2019 Modified Files: src/sys/arch/amd64/amd64 [netbsd-9]: netbsd32_machdep.c Log Message: Pull up following revision(s) (requested by rin in ticket #460): sys/arch/amd64/amd64/netbsd32_machdep.c: revision 1.130 Fix netbsd32_process_write_dbregs() for amd64: - Zero-clear regs64 so that random values are not written into the preserved registers. - Cast 32-bit registers (int) to u_int, in order to avoid undesired sign extension when filled into 64-bit registers (long). XXX pullup to netbsd-9 To generate a diff of this commit: cvs rdiff -u -r1.125 -r1.125.2.1 src/sys/arch/amd64/amd64/netbsd32_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/arch/amd64/amd64
Module Name:src Committed By: martin Date: Thu Nov 21 14:02:33 UTC 2019 Modified Files: src/sys/arch/amd64/amd64 [netbsd-9]: netbsd32_machdep.c Log Message: Pull up following revision(s) (requested by rin in ticket #460): sys/arch/amd64/amd64/netbsd32_machdep.c: revision 1.130 Fix netbsd32_process_write_dbregs() for amd64: - Zero-clear regs64 so that random values are not written into the preserved registers. - Cast 32-bit registers (int) to u_int, in order to avoid undesired sign extension when filled into 64-bit registers (long). XXX pullup to netbsd-9 To generate a diff of this commit: cvs rdiff -u -r1.125 -r1.125.2.1 src/sys/arch/amd64/amd64/netbsd32_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/amd64/amd64/netbsd32_machdep.c diff -u src/sys/arch/amd64/amd64/netbsd32_machdep.c:1.125 src/sys/arch/amd64/amd64/netbsd32_machdep.c:1.125.2.1 --- src/sys/arch/amd64/amd64/netbsd32_machdep.c:1.125 Sat Jul 20 18:25:11 2019 +++ src/sys/arch/amd64/amd64/netbsd32_machdep.c Thu Nov 21 14:02:33 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: netbsd32_machdep.c,v 1.125 2019/07/20 18:25:11 christos Exp $ */ +/* $NetBSD: netbsd32_machdep.c,v 1.125.2.1 2019/11/21 14:02:33 martin Exp $ */ /* * Copyright (c) 2001 Wasabi Systems, Inc. @@ -36,7 +36,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: netbsd32_machdep.c,v 1.125 2019/07/20 18:25:11 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: netbsd32_machdep.c,v 1.125.2.1 2019/11/21 14:02:33 martin Exp $"); #ifdef _KERNEL_OPT #include "opt_compat_netbsd.h" @@ -489,13 +489,15 @@ netbsd32_process_write_dbregs(struct lwp return EINVAL; } - regs64.dr[0] = regs->dr[0]; - regs64.dr[1] = regs->dr[1]; - regs64.dr[2] = regs->dr[2]; - regs64.dr[3] = regs->dr[3]; + memset(, 0, sizeof(regs64)); - regs64.dr[6] = regs->dr[6]; - regs64.dr[7] = regs->dr[7]; + regs64.dr[0] = (u_int)regs->dr[0]; + regs64.dr[1] = (u_int)regs->dr[1]; + regs64.dr[2] = (u_int)regs->dr[2]; + regs64.dr[3] = (u_int)regs->dr[3]; + + regs64.dr[6] = (u_int)regs->dr[6]; + regs64.dr[7] = (u_int)regs->dr[7]; x86_dbregs_write(l, ); return 0;
CVS commit: [netbsd-9] src/sys/arch/amd64/amd64
Module Name:src
Committed By: martin
Date: Tue Aug 6 16:14:33 UTC 2019
Modified Files:
src/sys/arch/amd64/amd64 [netbsd-9]: process_machdep.c
Log Message:
Pull up following revision(s) (requested by kamil in ticket #19):
sys/arch/amd64/amd64/process_machdep.c: revision 1.44
Do not dereference user pointer in ptrace_machdep_dorequest()/amd64
Always use copyin(9) for reading user memory.
This fixes SMAP crash on some amd64 machines.
Reported by
To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.43.2.1 src/sys/arch/amd64/amd64/process_machdep.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/amd64/amd64/process_machdep.c
diff -u src/sys/arch/amd64/amd64/process_machdep.c:1.43 src/sys/arch/amd64/amd64/process_machdep.c:1.43.2.1
--- src/sys/arch/amd64/amd64/process_machdep.c:1.43 Wed Jul 24 16:36:47 2019
+++ src/sys/arch/amd64/amd64/process_machdep.c Tue Aug 6 16:14:33 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: process_machdep.c,v 1.43 2019/07/24 16:36:47 bouyer Exp $ */
+/* $NetBSD: process_machdep.c,v 1.43.2.1 2019/08/06 16:14:33 martin Exp $ */
/*
* Copyright (c) 1998, 2000 The NetBSD Foundation, Inc.
@@ -74,7 +74,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: process_machdep.c,v 1.43 2019/07/24 16:36:47 bouyer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: process_machdep.c,v 1.43.2.1 2019/08/06 16:14:33 martin Exp $");
#include "opt_xen.h"
#include
@@ -327,14 +327,21 @@ ptrace_machdep_dorequest(
if (!process_machdep_validxstate(lt->l_proc))
return EINVAL;
if (__predict_false(l->l_proc->p_flag & PK_32)) {
- struct netbsd32_iovec *user_iov = addr;
- iov.iov_base = NETBSD32PTR64(user_iov->iov_base);
- iov.iov_len = user_iov->iov_len;
+ struct netbsd32_iovec user_iov;
+ if ((error = copyin(addr, _iov, sizeof(user_iov)))
+ != 0)
+return error;
+
+ iov.iov_base = NETBSD32PTR64(user_iov.iov_base);
+ iov.iov_len = user_iov.iov_len;
} else {
- struct iovec *user_iov;
- user_iov = (struct iovec*)addr;
- iov.iov_base = user_iov->iov_base;
- iov.iov_len = user_iov->iov_len;
+ struct iovec user_iov;
+ if ((error = copyin(addr, _iov, sizeof(user_iov)))
+ != 0)
+return error;
+
+ iov.iov_base = user_iov.iov_base;
+ iov.iov_len = user_iov.iov_len;
}
error = proc_vmspace_getref(l->l_proc, );
CVS commit: [netbsd-9] src/sys/arch/amd64/amd64
Module Name:src Committed By: martin Date: Tue Aug 6 16:14:33 UTC 2019 Modified Files: src/sys/arch/amd64/amd64 [netbsd-9]: process_machdep.c Log Message: Pull up following revision(s) (requested by kamil in ticket #19): sys/arch/amd64/amd64/process_machdep.c: revision 1.44 Do not dereference user pointer in ptrace_machdep_dorequest()/amd64 Always use copyin(9) for reading user memory. This fixes SMAP crash on some amd64 machines. Reported by To generate a diff of this commit: cvs rdiff -u -r1.43 -r1.43.2.1 src/sys/arch/amd64/amd64/process_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
