Tue Jun 12 23:23:27 2012 UTC ()
Pull up following revision(s) (requested by spz in ticket #1450):
	sys/arch/amd64/amd64/machdep.c: revision 1.184
	sys/arch/amd64/amd64/netbsd32_machdep.c: revision 1.77
If the user process provided a bogus signal handler address, kill it
now instead of trying to jump to the bogus address.


(riz)
diff -r1.44.2.6 -r1.44.2.7 src/sys/arch/amd64/amd64/machdep.c
diff -r1.30.2.3 -r1.30.2.4 src/sys/arch/amd64/amd64/netbsd32_machdep.c


--- src/sys/arch/amd64/amd64/machdep.c 2009/10/18 15:20:42 1.44.2.6
+++ src/sys/arch/amd64/amd64/machdep.c 2012/06/12 23:23:26 1.44.2.7
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: machdep.c,v 1.44.2.6 2009/10/18 15:20:42 bouyer Exp $ */ 1/* $NetBSD: machdep.c,v 1.44.2.7 2012/06/12 23:23:26 riz Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 1996, 1997, 1998, 2000 The NetBSD Foundation, Inc. 4 * Copyright (c) 1996, 1997, 1998, 2000 The NetBSD Foundation, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * This code is derived from software contributed to The NetBSD Foundation 7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Charles M. Hannum and by Jason R. Thorpe of the Numerical Aerospace 8 * by Charles M. Hannum and by Jason R. Thorpe of the Numerical Aerospace
9 * Simulation Facility, NASA Ames Research Center. 9 * Simulation Facility, NASA Ames Research Center.
10 * 10 *
11 * Redistribution and use in source and binary forms, with or without 11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions 12 * modification, are permitted provided that the following conditions
13 * are met: 13 * are met:
14 * 1. Redistributions of source code must retain the above copyright 14 * 1. Redistributions of source code must retain the above copyright
@@ -62,27 +62,27 @@ @@ -62,27 +62,27 @@
62 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 62 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
63 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 63 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
64 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 64 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
65 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 65 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
66 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 66 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
67 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 67 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
68 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 68 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
69 * SUCH DAMAGE. 69 * SUCH DAMAGE.
70 * 70 *
71 * @(#)machdep.c 7.4 (Berkeley) 6/3/91 71 * @(#)machdep.c 7.4 (Berkeley) 6/3/91
72 */ 72 */
73 73
74#include <sys/cdefs.h> 74#include <sys/cdefs.h>
75__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.44.2.6 2009/10/18 15:20:42 bouyer Exp $"); 75__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.44.2.7 2012/06/12 23:23:26 riz Exp $");
76 76
77#include "opt_user_ldt.h" 77#include "opt_user_ldt.h"
78#include "opt_ddb.h" 78#include "opt_ddb.h"
79#include "opt_kgdb.h" 79#include "opt_kgdb.h"
80#include "opt_compat_netbsd.h" 80#include "opt_compat_netbsd.h"
81#include "opt_compat_netbsd32.h" 81#include "opt_compat_netbsd32.h"
82#include "opt_compat_ibcs2.h" 82#include "opt_compat_ibcs2.h"
83#include "opt_cpureset_delay.h" 83#include "opt_cpureset_delay.h"
84#include "opt_multiprocessor.h" 84#include "opt_multiprocessor.h"
85#include "opt_mtrr.h" 85#include "opt_mtrr.h"
86#include "opt_realmem.h" 86#include "opt_realmem.h"
87 87
88#include <sys/param.h> 88#include <sys/param.h>
@@ -518,26 +518,36 @@ sendsig(const ksiginfo_t *ksi, const sig @@ -518,26 +518,36 @@ sendsig(const ksiginfo_t *ksi, const sig
518 518
519 buildcontext(l, catcher, fp); 519 buildcontext(l, catcher, fp);
520 520
521 /* Ensure FP state is reset, if FP is used. */ 521 /* Ensure FP state is reset, if FP is used. */
522 l->l_md.md_flags &= ~MDP_USEDFPU; 522 l->l_md.md_flags &= ~MDP_USEDFPU;
523 523
524 tf->tf_rdi = sig; 524 tf->tf_rdi = sig;
525 tf->tf_rsi = (uint64_t)&fp->sf_si; 525 tf->tf_rsi = (uint64_t)&fp->sf_si;
526 tf->tf_rdx = tf->tf_r15 = (uint64_t)&fp->sf_uc; 526 tf->tf_rdx = tf->tf_r15 = (uint64_t)&fp->sf_uc;
527 527
528 /* Remember that we're now on the signal stack. */ 528 /* Remember that we're now on the signal stack. */
529 if (onstack) 529 if (onstack)
530 p->p_sigctx.ps_sigstk.ss_flags |= SS_ONSTACK; 530 p->p_sigctx.ps_sigstk.ss_flags |= SS_ONSTACK;
 531
 532 if ((vaddr_t)catcher >= VM_MAXUSER_ADDRESS) {
 533 /*
 534 * process has given an invalid address for the
 535 * handler. Stop it, but do not do it before so
 536 * we can return the right info to userland (or in core dump)
 537 */
 538 sigexit(l, SIGILL);
 539 /* NOTREACHED */
 540 }
531} 541}
532 542
533void  543void
534cpu_upcall(struct lwp *l, int type, int nevents, int ninterrupted, void *sas, void *ap, void *sp, sa_upcall_t upcall) 544cpu_upcall(struct lwp *l, int type, int nevents, int ninterrupted, void *sas, void *ap, void *sp, sa_upcall_t upcall)
535{ 545{
536 struct trapframe *tf; 546 struct trapframe *tf;
537 547
538 tf = l->l_md.md_regs; 548 tf = l->l_md.md_regs;
539 549
540#if 0 550#if 0
541 printf("proc %d: upcall to lwp %d, type %d ev %d int %d sas %p to %p\n", 551 printf("proc %d: upcall to lwp %d, type %d ev %d int %d sas %p to %p\n",
542 (int)l->l_proc->p_pid, (int)l->l_lid, type, nevents, ninterrupted, 552 (int)l->l_proc->p_pid, (int)l->l_lid, type, nevents, ninterrupted,
543 sas, (void *)upcall); 553 sas, (void *)upcall);
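Review bot: The range check added at new lines 532–540 of sendsig is the same nine lines that this commit also pastes into netbsd32_sendsig_sigcontext and netbsd32_sendsig_siginfo in netbsd32_machdep.c, so any later change to the limit, the signal number or the ordering rationale has to be made in three places. A small shared helper, say `static inline void sendsig_check_catcher(struct lwp *l, const void *catcher)` holding the comparison and the sigexit call, would keep the three call sites in step; if the two files cannot share one, at least the comment text should be identical so a grep finds all copies. The comment itself would read more precisely as a statement of intent, e.g. `/* Handler address is outside user space: kill the process now. The frame was built first so the core dump and exit status reflect the real state. */`. sendsig's signature and the frame setup it performs begin before this hunk.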


--- src/sys/arch/amd64/amd64/netbsd32_machdep.c 2009/10/18 15:22:38 1.30.2.3
+++ src/sys/arch/amd64/amd64/netbsd32_machdep.c 2012/06/12 23:23:26 1.30.2.4
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: netbsd32_machdep.c,v 1.30.2.3 2009/10/18 15:22:38 bouyer Exp $ */ 1/* $NetBSD: netbsd32_machdep.c,v 1.30.2.4 2012/06/12 23:23:26 riz Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001 Wasabi Systems, Inc. 4 * Copyright (c) 2001 Wasabi Systems, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * Written by Frank van der Linden for Wasabi Systems, Inc. 7 * Written by Frank van der Linden for Wasabi Systems, Inc.
8 * 8 *
9 * Redistribution and use in source and binary forms, with or without 9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions 10 * modification, are permitted provided that the following conditions
11 * are met: 11 * are met:
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright 14 * 2. Redistributions in binary form must reproduce the above copyright
@@ -26,27 +26,27 @@ @@ -26,27 +26,27 @@
26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
27 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 27 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
28 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC 28 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
29 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 29 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
33 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 33 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
35 * POSSIBILITY OF SUCH DAMAGE. 35 * POSSIBILITY OF SUCH DAMAGE.
36 */ 36 */
37 37
38#include <sys/cdefs.h> 38#include <sys/cdefs.h>
39__KERNEL_RCSID(0, "$NetBSD: netbsd32_machdep.c,v 1.30.2.3 2009/10/18 15:22:38 bouyer Exp $"); 39__KERNEL_RCSID(0, "$NetBSD: netbsd32_machdep.c,v 1.30.2.4 2012/06/12 23:23:26 riz Exp $");
40 40
41#include "opt_compat_netbsd.h" 41#include "opt_compat_netbsd.h"
42#include "opt_coredump.h" 42#include "opt_coredump.h"
43#include "opt_execfmt.h" 43#include "opt_execfmt.h"
44#include "opt_user_ldt.h" 44#include "opt_user_ldt.h"
45#include "opt_mtrr.h" 45#include "opt_mtrr.h"
46 46
47#include <sys/param.h> 47#include <sys/param.h>
48#include <sys/exec.h> 48#include <sys/exec.h>
49#include <sys/malloc.h> 49#include <sys/malloc.h>
50#include <sys/proc.h> 50#include <sys/proc.h>
51#include <sys/signalvar.h> 51#include <sys/signalvar.h>
52#include <sys/systm.h> 52#include <sys/systm.h>
@@ -247,26 +247,36 @@ netbsd32_sendsig_sigcontext(const ksigin @@ -247,26 +247,36 @@ netbsd32_sendsig_sigcontext(const ksigin
247 tf->tf_es = GSEL(GUDATA32_SEL, SEL_UPL); 247 tf->tf_es = GSEL(GUDATA32_SEL, SEL_UPL);
248 tf->tf_fs = GSEL(GUDATA32_SEL, SEL_UPL); 248 tf->tf_fs = GSEL(GUDATA32_SEL, SEL_UPL);
249 tf->tf_gs = GSEL(GUDATA32_SEL, SEL_UPL); 249 tf->tf_gs = GSEL(GUDATA32_SEL, SEL_UPL);
250 250
251 tf->tf_rip = (u_int64_t)catcher; 251 tf->tf_rip = (u_int64_t)catcher;
252 tf->tf_cs = GSEL(GUCODE32_SEL, SEL_UPL); 252 tf->tf_cs = GSEL(GUCODE32_SEL, SEL_UPL);
253 tf->tf_rflags &= ~(PSL_T|PSL_VM|PSL_AC); 253 tf->tf_rflags &= ~(PSL_T|PSL_VM|PSL_AC);
254 tf->tf_rsp = (u_int64_t)fp; 254 tf->tf_rsp = (u_int64_t)fp;
255 tf->tf_ss = GSEL(GUDATA32_SEL, SEL_UPL); 255 tf->tf_ss = GSEL(GUDATA32_SEL, SEL_UPL);
256 256
257 /* Remember that we're now on the signal stack. */ 257 /* Remember that we're now on the signal stack. */
258 if (onstack) 258 if (onstack)
259 p->p_sigctx.ps_sigstk.ss_flags |= SS_ONSTACK; 259 p->p_sigctx.ps_sigstk.ss_flags |= SS_ONSTACK;
 260
 261 if ((vaddr_t)catcher >= VM_MAXUSER_ADDRESS) {
 262 /*
 263 * process has given an invalid address for the
 264 * handler. Stop it, but do not do it before so
 265 * we can return the right info to userland (or in core dump)
 266 */
 267 sigexit(l, SIGILL);
 268 /* NOTREACHED */
 269 }
260} 270}
261#endif 271#endif
262 272
263static void 273static void
264netbsd32_sendsig_siginfo(const ksiginfo_t *ksi, const sigset_t *mask) 274netbsd32_sendsig_siginfo(const ksiginfo_t *ksi, const sigset_t *mask)
265{ 275{
266 struct lwp *l = curlwp; 276 struct lwp *l = curlwp;
267 struct proc *p = l->l_proc; 277 struct proc *p = l->l_proc;
268 struct sigacts *ps = p->p_sigacts; 278 struct sigacts *ps = p->p_sigacts;
269 /* Ensure FP state is reset, if FP is used. */ 279 /* Ensure FP state is reset, if FP is used. */
270 l->l_md.md_flags &= ~MDP_USEDFPU; 280 l->l_md.md_flags &= ~MDP_USEDFPU;
271 281
272 int onstack; 282 int onstack;
@@ -334,26 +344,36 @@ netbsd32_sendsig_siginfo(const ksiginfo_ @@ -334,26 +344,36 @@ netbsd32_sendsig_siginfo(const ksiginfo_
334 344
335 tf->tf_rip = (u_int64_t)catcher; 345 tf->tf_rip = (u_int64_t)catcher;
336 tf->tf_cs = GSEL(GUCODE32_SEL, SEL_UPL); 346 tf->tf_cs = GSEL(GUCODE32_SEL, SEL_UPL);
337 tf->tf_rflags &= ~(PSL_T|PSL_VM|PSL_AC); 347 tf->tf_rflags &= ~(PSL_T|PSL_VM|PSL_AC);
338 tf->tf_rsp = (u_int64_t)fp; 348 tf->tf_rsp = (u_int64_t)fp;
339 tf->tf_ss = GSEL(GUDATA32_SEL, SEL_UPL); 349 tf->tf_ss = GSEL(GUDATA32_SEL, SEL_UPL);
340 350
341 /* Ensure FP state is reset, if FP is used. */ 351 /* Ensure FP state is reset, if FP is used. */
342 l->l_md.md_flags &= ~MDP_USEDFPU; 352 l->l_md.md_flags &= ~MDP_USEDFPU;
343 353
344 /* Remember that we're now on the signal stack. */ 354 /* Remember that we're now on the signal stack. */
345 if (onstack) 355 if (onstack)
346 p->p_sigctx.ps_sigstk.ss_flags |= SS_ONSTACK; 356 p->p_sigctx.ps_sigstk.ss_flags |= SS_ONSTACK;
 357
 358 if ((vaddr_t)catcher >= VM_MAXUSER_ADDRESS) {
 359 /*
 360 * process has given an invalid address for the
 361 * handler. Stop it, but do not do it before so
 362 * we can return the right info to userland (or in core dump)
 363 */
 364 sigexit(l, SIGILL);
 365 /* NOTREACHED */
 366 }
347} 367}
348 368
349void 369void
350netbsd32_sendsig(const ksiginfo_t *ksi, const sigset_t *mask) 370netbsd32_sendsig(const ksiginfo_t *ksi, const sigset_t *mask)
351{ 371{
352#ifdef COMPAT_16 372#ifdef COMPAT_16
353 if (curproc->p_sigacts->sa_sigdesc[ksi->ksi_signo].sd_vers < 2) 373 if (curproc->p_sigacts->sa_sigdesc[ksi->ksi_signo].sd_vers < 2)
354 netbsd32_sendsig_sigcontext(ksi, mask); 374 netbsd32_sendsig_sigcontext(ksi, mask);
355 else 375 else
356#endif 376#endif
357 netbsd32_sendsig_siginfo(ksi, mask); 377 netbsd32_sendsig_siginfo(ksi, mask);
358} 378}
359 379
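Review bot: For a 32-bit compat process the new check `if ((vaddr_t)catcher >= VM_MAXUSER_ADDRESS)` in netbsd32_sendsig_sigcontext (new lines 261–269), and its twin in netbsd32_sendsig_siginfo (new lines 358–366), may never fire: the hunk sets `tf->tf_cs = GSEL(GUCODE32_SEL, SEL_UPL)` and loads `tf->tf_rip` from catcher, which suggests catcher originates from a 32-bit handler value, and such a value cannot reach the amd64 VM_MAXUSER_ADDRESS, so a bogus handler would still be jumped to rather than rejected. Where catcher is assigned is outside both hunks, so this needs confirming against the top of each function; if it holds, the comparison should be against the 32-bit user address limit that applies to these processes, or the check dropped here with a comment saying why. Both enclosing functions start before their hunks.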