Module Name: src Committed By: martin Date: Thu Feb 25 09:38:48 UTC 2021
Modified Files: src/sys/arch/m68k/m68k [netbsd-8]: reenter_syscall.s Log Message: Pull up following revision(s) (requested by tsutsui in ticket #1659): sys/arch/m68k/m68k/reenter_syscall.s: revision 1.5 sys/arch/m68k/m68k/reenter_syscall.s: revision 1.6 sys/arch/m68k/m68k/reenter_syscall.s: revision 1.7 Replace magic numbers with proper macros prepared in assym.h. No binary changes. Note this is a preparation for a possible fix of PR port-m68k/55990. Consistently use motorola style. No binary changes. Seems missed in rev 1.3: https://mail-index.netbsd.org/source-changes/2013/08/01/msg046378.html Plug kernel stack leaks in reenter_syscall() for setcontext(2). This fixes long standing kernel crashes (MMU fault, address error, and silent freeze by a double bus fault etc. seen for ~10 years) caused by kernel stack overflow, especially on x68k and sun3 running Xorg based servers. See PR/55990 for more details. "This change seems perfectly reasonable" from thorpej@, and jklos@ also reported that this solved a freeze of his mac68k system with 10 megabytes of memory. Should be pulled up to netbsd-9 and netbsd-8. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.4.22.1 src/sys/arch/m68k/m68k/reenter_syscall.s Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/m68k/m68k/reenter_syscall.s
diff -u src/sys/arch/m68k/m68k/reenter_syscall.s:1.4 src/sys/arch/m68k/m68k/reenter_syscall.s:1.4.22.1
--- src/sys/arch/m68k/m68k/reenter_syscall.s:1.4	Sat Sep 7 19:06:29 2013
+++ src/sys/arch/m68k/m68k/reenter_syscall.s	Thu Feb 25 09:38:48 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: reenter_syscall.s,v 1.4 2013/09/07 19:06:29 chs Exp $ */
+/* $NetBSD: reenter_syscall.s,v 1.4.22.1 2021/02/25 09:38:48 martin Exp $ */
 
 /*
  * Written by ITOH Yasufumi.
@@ -6,6 +6,7 @@
  */
 
 #include <m68k/asm.h>
+#include "assym.h"
 
 /*
  * void reenter_syscall(struct frame *fp, int stkadj)
@@ -38,18 +39,31 @@ ENTRY_NOPROFILE(reenter_syscall)
 .Lcpfr:
 	movel (%a0)+,(%a1)+
 	dbra %d0,.Lcpfr
-	movew %d1,%sp@(16*4+2) | set stack adjust count
+	movew %d1,FR_ADJ(%sp) | set stack adjust count
 	movel (%sp),-(%sp) | push syscall no (original d0 value)
 	jbsr _C_LABEL(syscall) | re-enter syscall()
 	addql #4,%sp | pop syscall no
 #ifdef DEBUG
-	tstw %sp@(16*4+2) | stack adjust must be zero
+	tstw FR_ADJ(%sp) | stack adjust must be zero
 	jeq .Ladjzero
 	PANIC("reenter_syscall")
 .Ladjzero:
 #endif
-	moveal %sp@(15*4),%a0 | grab and restore
+	moveal FR_SP(%sp),%a0 | grab and restore
 	movel %a0,%usp | user SP
+	movw FR_ADJ(%sp),%d0 | need to adjust stack?
+	jne .Ladjstk | yes, go to it
 	moveml (%sp)+,#0x7FFF | restore user registers
 	addql #8,%sp | pop SP and stack adjust
 	jra _ASM_LABEL(rei) | rte
+.Ladjstk:
+	lea FR_HW(%sp),%a1 | pointer to HW frame
+	addql #8,%a1 | source pointer
+	movl %a1,%a0 | source
+	addw %d0,%a0 | + hole size = dest pointer
+	movl -(%a1),-(%a0) | copy
+	movl -(%a1),-(%a0) | 8 bytes
+	movl %a0,FR_SP(%sp) | new SSP
+	moveml (%sp)+,#0x7FFF | restore user register
+	movl (%sp),%sp | and do real RTE
+	jra _ASM_LABEL(rei) | rte
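Review bot: The `#ifdef DEBUG` assertion kept as context in the third hunk (`tstw FR_ADJ(%sp)` / `jeq .Ladjzero` / `PANIC("reenter_syscall")`) now contradicts the new code: it panics whenever FR_ADJ is nonzero after syscall() returns, yet the added `movw FR_ADJ(%sp),%d0` / `jne .Ladjstk` path exists precisely to handle that case, so a DEBUG kernel would panic instead of taking the stack-hole fix (assuming the nonzero case is reachable, which the commit message's description of real crashes implies). Either drop the DEBUG block or replace it with a comment such as `| FR_ADJ may be nonzero here after setcontext(2); the hole is closed at .Ladjstk below`. Separately, the added lines use `movw`/`movl` while the surrounding code in the same hunk uses `movew`/`movel`; since the commit's own log asks for consistent style, `movew FR_ADJ(%sp),%d0`, `movel %a1,%a0`, `movel -(%a1),-(%a0)`, `movel %a0,FR_SP(%sp)` and `movel (%sp),%sp` would match. The `.Ladjstk` block would also benefit from a one-line header comment stating its contract, e.g. `| presumably closes the FR_ADJ-byte hole below the 8-byte HW frame by moving the frame up before the rte — confirm against the frame layout in assym.h`. ENTRY_NOPROFILE(reenter_syscall) begins before this hunk.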