NothingOSS/android_kernel_msm-6.1_nothing_sm7635
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_msm-6.1_noth.../tools
History
Alexey Dobriyan 6d114116da proc: fix PIE proc-empty-vm, proc-pid-vm tests 
commit 5316a017d093f644675a56523bcf5787ba8f4fef upstream.

vsyscall detection code uses direct call to the beginning of
the vsyscall page:

	asm ("call %P0" :: "i" (0xffffffffff600000))

It generates "call rel32" instruction but it is not relocated if binary
is PIE, so binary segfaults into random userspace address and vsyscall
page status is detected incorrectly.

Do more direct:

	asm ("call *%rax")

which doesn't do need any relocaltions.

Mark g_vsyscall as volatile for a good measure, I didn't find instruction
setting it to 0. Now the code is obviously correct:

	xor	eax, eax
	mov	rdi, rbp
	mov	rsi, rbp
	mov	DWORD PTR [rip+0x2d15], eax      # g_vsyscall = 0
	mov	rax, 0xffffffffff600000
	call	rax
	mov	DWORD PTR [rip+0x2d02], 1        # g_vsyscall = 1
	mov	eax, DWORD PTR ds:0xffffffffff600000
	mov	DWORD PTR [rip+0x2cf1], 2        # g_vsyscall = 2
	mov	edi, [rip+0x2ceb]                # exit(g_vsyscall)
	call	exit

Note: fixed proc-empty-vm test oopses 5.19.0-28-generic kernel
	but this is separate story.

Link: https://lkml.kernel.org/r/Y7h2xvzKLg36DSq8@p183
Fixes: 5bc73bb345 ("proc: test how it holds up with mapping'less process")
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Reported-by: Mirsad Goran Todorovac <mirsad.todorovac@alu.unizg.hr>
Tested-by: Mirsad Goran Todorovac <mirsad.todorovac@alu.unizg.hr>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-01-24 07:24:33 +01:00
..
accounting
arch parisc: Align parisc MADV_XXX constants with all other architectures 2023-01-14 10:33:40 +01:00
bootconfig
bpf bpftool: Fix memory leak in do_build_table_cb 2022-12-31 13:32:23 +01:00
build perf bpf: Fix build with libbpf 0.7.0 by checking if bpf_program__set_insns() is available 2022-10-25 17:40:48 -03:00
certs
cgroup
counter
debugging
edid
firewire
firmware
gpio
hv
iio tools: iio: iio_generic_buffer: Fix read size 2022-11-01 08:48:13 +00:00
include tools/nolibc: fix the O_* fcntl/open macro definitions for riscv 2023-01-18 11:58:27 +01:00
io_uring
kvm/kvm_stat tools/kvm_stat: update exit reasons for vmx/svm/aarch64/userspace 2022-11-09 12:26:52 -05:00
laptop
leds
lib libbpf: Avoid enum forward-declarations in public API in C++ mode 2022-12-31 13:33:03 +01:00
memory-model
objtool objtool: Fix SEGFAULT 2023-01-04 11:28:57 +01:00
pci
pcmcia
perf perf kmem: Support field "node" in evsel__process_alloc_event() coping with recent tracepoint restructuring 2023-01-18 11:58:31 +01:00
power pm-graph v5.10 2022-10-25 17:46:15 +02:00
rcu
scripts
spi
testing proc: fix PIE proc-empty-vm, proc-pid-vm tests 2023-01-24 07:24:33 +01:00
thermal
time
tracing
usb
verification rv/dot2c: Make automaton definition static 2022-10-20 16:02:45 -04:00
virtio tools/virtio: initialize spinlocks in vring_test.c 2023-01-24 07:24:30 +01:00
vm tools/vm/slabinfo-gnuplot: use "grep -E" instead of "egrep" 2022-11-30 14:49:41 -08:00
wmi
Makefile