author | Miod Vallat <miod@cvs.openbsd.org> | 2003-08-10 00:03:22 +0000 |
---|---|---|
committer | Miod Vallat <miod@cvs.openbsd.org> | 2003-08-10 00:03:22 +0000 |
commit | 53b5f11a42e0b5c32b11cf6ef4039d74df1fac6f (patch) | |
tree | bab2f1e2f9eedfe7287ab954071034bd2a7cde1c | |
parent | c55c7c08bb15cf52e318661c21cbb7a896b8ca10 (diff) |
Do not trust and use uvm_useracc, but rather always check copy{in,out} for
failure and act appropriately.
-rw-r--r-- | sys/arch/alpha/alpha/machdep.c | 43 | ||||
-rw-r--r-- | sys/arch/alpha/alpha/netbsd_machdep.c | 42 | ||||
-rw-r--r-- | sys/arch/alpha/alpha/trap.c | 31 |
3 files changed, 53 insertions, 63 deletions
diff --git a/sys/arch/alpha/alpha/machdep.c b/sys/arch/alpha/alpha/machdep.c
index cd423477c4e..5d5688589db 100644
--- a/sys/arch/alpha/alpha/machdep.c
+++ b/sys/arch/alpha/alpha/machdep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: machdep.c,v 1.82 2003/06/03 17:31:01 drahn Exp $ */
+/* $OpenBSD: machdep.c,v 1.83 2003/08/10 00:03:21 miod Exp $ */
 /* $NetBSD: machdep.c,v 1.210 2000/06/01 17:12:38 thorpej Exp $ */
 /*-
@@ -1557,24 +1557,6 @@ sendsig(catcher, sig, mask, code, type, val)
 printf("sendsig(%d): sig %d ssp %p usp %p\n", p->p_pid, sig, &oonstack, scp);
 #endif
- if (uvm_useracc((caddr_t)scp, fsize, B_WRITE) == 0) {
-#ifdef DEBUG
- if ((sigdebug & SDB_KSTACK) && p->p_pid == sigpid)
- printf("sendsig(%d): uvm_useracc failed on sig %d\n",
- p->p_pid, sig);
-#endif
- /*
- * Process has trashed its stack; give it an illegal
- * instruction to halt it in its tracks.
- */
- SIGACTION(p, SIGILL) = SIG_DFL;
- sig = sigmask(SIGILL);
- p->p_sigignore &= ~sig;
- p->p_sigcatch &= ~sig;
- p->p_sigmask &= ~sig;
- psignal(p, SIGILL);
- return;
- }
 /*
 * Build the signal context to be used by sigreturn.
@@ -1612,14 +1594,33 @@ sendsig(catcher, sig, mask, code, type, val)
 if (psp->ps_siginfo & sigmask(sig)) {
 initsiginfo(&ksi, sig, code, type, val);
 sip = (void *)scp + kscsize;
- (void) copyout((caddr_t)&ksi, (caddr_t)sip, fsize - kscsize);
+ if (copyout((caddr_t)&ksi, (caddr_t)sip, fsize - kscsize) != 0)
+ goto trash;
 } else
 sip = NULL;
 /*
 * copy the frame out to userland.
 */
- (void) copyout((caddr_t)&ksc, (caddr_t)scp, kscsize);
+ if (copyout((caddr_t)&ksc, (caddr_t)scp, kscsize) != 0) {
+trash:
+#ifdef DEBUG
+ if ((sigdebug & SDB_KSTACK) && p->p_pid == sigpid)
+ printf("sendsig(%d): copyout failed on sig %d\n",
+ p->p_pid, sig);
+#endif
+ /*
+ * Process has trashed its stack; give it an illegal
+ * instruction to halt it in its tracks.
+ */
+ SIGACTION(p, SIGILL) = SIG_DFL;
+ sig = sigmask(SIGILL);
+ p->p_sigignore &= ~sig;
+ p->p_sigcatch &= ~sig;
+ p->p_sigmask &= ~sig;
+ psignal(p, SIGILL);
+ return;
+ }
 #ifdef DEBUG
 if (sigdebug & SDB_FOLLOW)
 printf("sendsig(%d): sig %d scp %p code %lx\n", p->p_pid, sig,
diff --git a/sys/arch/alpha/alpha/netbsd_machdep.c b/sys/arch/alpha/alpha/netbsd_machdep.c
index f747c3ca26f..99f1b47b1d7 100644
--- a/sys/arch/alpha/alpha/netbsd_machdep.c
+++ b/sys/arch/alpha/alpha/netbsd_machdep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: netbsd_machdep.c,v 1.9 2002/07/20 23:08:30 art Exp $ */
+/* $OpenBSD: netbsd_machdep.c,v 1.10 2003/08/10 00:03:21 miod Exp $ */
 /*
 * Copyright (c) 1994, 1995, 1996 Carnegie-Mellon University.
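Review bot: In sendsig, `goto trash` from the siginfo branch lands on a label inside the body of the next `if`, so the one failure path is entered two different ways and the control flow is easy to misread. It would be plainer to make the frame copy `if (copyout((caddr_t)&ksc, (caddr_t)scp, kscsize) != 0) goto trash;` as well and put the `trash:` block once after the function's normal return. The same SIGILL teardown is repeated verbatim in netbsd_sendsig (hunk @@ -190,7 +172,24 @@ of netbsd_machdep.c), so a shared helper would keep the two copies from drifting. The DEBUG printf also does not say which of the two copyouts failed. sendsig begins and ends outside this hunk, so where the normal return sits is not visible here.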
@@ -140,24 +140,6 @@ netbsd_sendsig(catcher, sig, mask, code, type, val)
 printf("netbsd_sendsig(%d): sig %d ssp %p usp %p scp %p\n", p->p_pid, sig, &oonstack, alpha_pal_rdusp(), scp);
 #endif
- if (uvm_useracc((caddr_t)scp, fsize, B_WRITE) == 0) {
-#ifdef DEBUG
- if ((sigdebug & SDB_KSTACK) && p->p_pid == sigpid)
- printf("netbsd_sendsig(%d): useracc failed on sig %d\n",
- p->p_pid, sig);
-#endif
- /*
- * Process has trashed its stack; give it an illegal
- * instruction to halt it in its tracks.
- */
- SIGACTION(p, SIGILL) = SIG_DFL;
- sig = sigmask(SIGILL);
- p->p_sigignore &= ~sig;
- p->p_sigcatch &= ~sig;
- p->p_sigmask &= ~sig;
- psignal(p, SIGILL);
- return;
- }
 /*
 * Build the signal context to be used by sigreturn.
@@ -190,7 +172,24 @@ netbsd_sendsig(catcher, sig, mask, code, type, val)
 * copy the frame out to userland.
 */
 openbsd_to_netbsd_sigcontext(&ksc, &nbsc);
- (void) copyout((caddr_t)&nbsc, (caddr_t)scp, sizeof(nbsc));
+ if (copyout((caddr_t)&nbsc, (caddr_t)scp, sizeof(nbsc)) != 0) {
+#ifdef DEBUG
+ if ((sigdebug & SDB_KSTACK) && p->p_pid == sigpid)
+ printf("netbsd_sendsig(%d): copyout failed on sig %d\n",
+ p->p_pid, sig);
+#endif
+ /*
+ * Process has trashed its stack; give it an illegal
+ * instruction to halt it in its tracks.
+ */
+ SIGACTION(p, SIGILL) = SIG_DFL;
+ sig = sigmask(SIGILL);
+ p->p_sigignore &= ~sig;
+ p->p_sigcatch &= ~sig;
+ p->p_sigmask &= ~sig;
+ psignal(p, SIGILL);
+ return;
+ }
 #ifdef DEBUG
 if (sigdebug & SDB_FOLLOW)
 printf("netbsd_sendsig(%d): sig %d scp %p code %lx\n",
@@ -241,8 +240,7 @@ netbsd_sys___sigreturn14(p, v, retval)
 * Test and fetch the context structure.
 * We grab it all at once for speed.
 */
- if (uvm_useracc((caddr_t)nbscp, sizeof (*nbscp), B_WRITE) == 0 ||
- copyin((caddr_t)nbscp, (caddr_t)&nbsc, sizeof (nbsc)))
+ if (copyin((caddr_t)nbscp, (caddr_t)&nbsc, sizeof (nbsc)))
 return (EFAULT);
 netbsd_to_openbsd_sigcontext(&nbsc, &ksc);
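Review bot: The comment kept above the call in netbsd_sys___sigreturn14 still reads "Test and fetch the context structure", but with the uvm_useracc() pre-check gone nothing tests the range separately; copyin() is the only access check left. I would reword that line to `* Fetch the context structure; copyin() returns non-zero on a bad address.` so the comment does not invite a separate pre-check again. Everything in `nbsc` is user-supplied after this call, and whatever validation follows netbsd_to_openbsd_sigcontext() is outside the hunk.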
diff --git a/sys/arch/alpha/alpha/trap.c b/sys/arch/alpha/alpha/trap.c
index 923dcfe9383..a05da0a2855 100644
--- a/sys/arch/alpha/alpha/trap.c
+++ b/sys/arch/alpha/alpha/trap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: trap.c,v 1.40 2003/05/10 21:11:11 deraadt Exp $ */
+/* $OpenBSD: trap.c,v 1.41 2003/08/10 00:03:21 miod Exp $ */
 /* $NetBSD: trap.c,v 1.52 2000/05/24 16:48:33 thorpej Exp $ */
 /*-
@@ -825,8 +825,11 @@ const static int reg_to_framereg[32] = {
 fpusave_proc(p, 1);
 #define unaligned_load(storage, ptrf, mod) \
- if (copyin((caddr_t)va, &(storage), sizeof (storage)) != 0) \
- break; \
+ if (copyin((caddr_t)va, &(storage), sizeof (storage)) != 0) { \
+ p->p_md.md_tf->tf_regs[FRAME_PC] -= 4; \
+ signal = SIGSEGV; \
+ goto out; \
+ } \
 signal = 0; \
 if ((regptr = ptrf(p, reg)) != NULL) \
 *regptr = mod (storage);
@@ -836,8 +839,11 @@ const static int reg_to_framereg[32] = {
 (storage) = mod (*regptr); \
 else \
 (storage) = 0; \
- if (copyout(&(storage), (caddr_t)va, sizeof (storage)) != 0) \
- break; \
+ if (copyout(&(storage), (caddr_t)va, sizeof (storage)) != 0) { \
+ p->p_md.md_tf->tf_regs[FRAME_PC] -= 4; \
+ signal = SIGSEGV; \
+ goto out; \
+ } \
 signal = 0;
 #define unaligned_load_integer(storage) \
@@ -1047,21 +1053,6 @@ unaligned_fixup(va, opcode, reg, p)
 selected_tab = tab_unknown;
 /*
- * See if the user can access the memory in question.
- * If it's an unknown opcode, we don't know whether to
- * read or write, so we don't check.
- *
- * We adjust the PC backwards so that the instruction will
- * be re-run.
- */
- if (selected_tab->size != 0 &&
- !uvm_useracc((caddr_t)va, selected_tab->size, selected_tab->acc)) {
- p->p_md.md_tf->tf_regs[FRAME_PC] -= 4;
- signal = SIGSEGV;
- goto out;
- }
-
- /*
 * If we're supposed to be noisy, squawk now.
 */
 if (doprint) { |
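Review bot: The `tf_regs[FRAME_PC] -= 4` now inside unaligned_load and unaligned_store has no explanation left, because the comment that gave the reason ("We adjust the PC backwards so that the instruction will be re-run") is deleted in the @@ -1047,21 +1053,6 @@ hunk. A comment above the first `#define` would restore it, for example `/* On a copyin/copyout fault: back the PC up so the instruction is re-run, post SIGSEGV, and leave via the caller's out: label. */`; it should also say that the macros expect `p`, `signal` and `out` in the expanding function. Both macros expand to an `if` block followed by further statements rather than a `do { ... } while (0)` body, so they are only safe when used as full statements inside braces. Separately, the fault is now detected only when a fixup actually performs the copy, which is after the `if (doprint)` block that the old check preceded; whether a faulting access should still reach that message, or what happens on a path that skips the fixup, cannot be told from these hunks.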