author | Brandon Creighton <bjc@cvs.openbsd.org> | 2001-02-11 12:59:41 +0000 |
---|---|---|
committer | Brandon Creighton <bjc@cvs.openbsd.org> | 2001-02-11 12:59:41 +0000 |
commit | 01352e0abab809c3a99ab5fd79ad6afa2886a183 (patch) | |
tree | 44901015035d7e79c95e7254462e6ac1a4bdc731 /sys/arch | |
parent | 6cd470778fe498d5509d5098522743c94a3f3a81 (diff) |
Previously, when sendsig() set up the current process's context to run
sigcode to call a handler, SP was set in the middle of the struct
trampframe/struct sigcontext pair placed on the stack. This was adequate
when only one signal is being delivered at a time, but when two signals are
delivered in one syscall, the second invocation of sendsig() overwrote
some of the first sendsig() invocation's stack data.

The result was that under certain circumstances, (e.g., sending signals to
backgrounded processes from ksh) the argument passed to signal handlers
when the second signal (the one corresponding to the first sendsig()
invocation) was delivered was bogus data from the stack. Therefore,
programs that depended on the "sigraised" argument to be accurate
blew up.

This fix ensures that sendsig() always leaves a process's SP out of the way
of structures that will be used. AP is not moved, though, so sigreturn
can find the args correctly. Also, sigcode is changed to compensate for the
SP change.

Diffstat (limited to 'sys/arch')
-rw-r--r-- | sys/arch/vax/vax/machdep.c | 14 | ||||
-rw-r--r-- | sys/arch/vax/vax/subr.s | 5 |
2 files changed, 12 insertions, 7 deletions
diff --git a/sys/arch/vax/vax/machdep.c b/sys/arch/vax/vax/machdep.c index 6c17c43e5ba..3013e64359f 100644 --- a/sys/arch/vax/vax/machdep.c +++ b/sys/arch/vax/vax/machdep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: machdep.c,v 1.28 2001/01/28 02:24:24 hugh Exp $ */ +/* $OpenBSD: machdep.c,v 1.29 2001/02/11 12:59:40 bjc Exp $ */ /* $NetBSD: machdep.c,v 1.108 2000/09/13 15:00:23 thorpej Exp $ */ /* @@ -445,8 +445,12 @@ printf("sendsig: signal %x catcher %x\n", sig, catcher); trampf = (struct trampframe *) ((unsigned)sigctx - sizeof(struct trampframe)); - /* Place for pointer to arg list in sigreturn */ - cursp = (unsigned)sigctx - 8; + /* + * Place sp at the beginning of trampf; this ensures that possible + * further calls to sendsig won't overwrite this struct + * trampframe/struct sigcontext pair with their own. + */ + cursp = (unsigned) trampf; gtrampf.arg = (int) sigctx; gtrampf.pc = (unsigned) catcher; @@ -472,7 +476,7 @@ printf("sendsig: signal %x catcher %x\n", sig, catcher); syscf->pc = (unsigned) (((char *) PS_STRINGS) - (esigcode - sigcode)); syscf->psl = PSL_U | PSL_PREVU; - syscf->ap = cursp; + syscf->ap = (unsigned) sigctx-8; syscf->sp = cursp; if (onstack) @@ -686,7 +690,7 @@ process_sstep(p, sstep) * allocated from the kernel map instead. * * It is known that the first page in the iospace area is unused; it may - * be use by console device drivers (before the map system is inited). + * be use by console device drivers (before the map system is inied). */ vaddr_t vax_map_physmem(phys, size) diff --git a/sys/arch/vax/vax/subr.s b/sys/arch/vax/vax/subr.s index 212021c4f9c..407d1b0f264 100644 --- a/sys/arch/vax/vax/subr.s +++ b/sys/arch/vax/vax/subr.s @@ -1,4 +1,4 @@ -/* $OpenBSD: subr.s,v 1.10 2001/01/08 04:25:13 hugh Exp $ */ +/* $OpenBSD: subr.s,v 1.11 2001/02/11 12:59:40 bjc Exp $ */ /* $NetBSD: subr.s,v 1.32 1999/03/25 00:41:48 mrg Exp $ */ /* 
@@ -90,7 +90,8 @@ eskip: */ .globl _sigcode,_esigcode -_sigcode: pushr $0x3f +_sigcode: addl2 $0x24, sp + pushr $0x3f subl2 $0xc,sp movl 0x24(sp),r0 calls $3,(r0) |
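Review bot: In the machdep.c hunk at -445, the new comment above `cursp = (unsigned) trampf;` explains why SP moves but does not say that `_sigcode` in subr.s now has to undo the move. Since the two files must change in lockstep, add a sentence to this comment pointing at `_sigcode`, so that a later edit to the trampframe layout or to this assignment also prompts a look at the assembly side.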
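Review bot: In the machdep.c hunk at -472, `syscf->ap = (unsigned) sigctx-8;` keeps the old offset but loses its explanation, because the comment "Place for pointer to arg list in sigreturn" was deleted in the previous hunk. Carry that comment over to this line, and write the expression as `(unsigned)sigctx - 8` to match the spelling the removed line used; the cast already binds before the subtraction, but the current spacing makes that easy to misread as a cast of `sigctx-8`.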
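Review bot: The machdep.c hunk at -686 is unrelated to the signal fix and makes the comment worse: it changes "inited" to "inied" in the `vax_map_physmem` comment while leaving "may be use by" as is. Drop this hunk from the commit, or if the comment is being touched anyway, correct it to "may be used by console device drivers (before the map system is initialized)".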
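Review bot: In the subr.s hunk at -90, the added `addl2 $0x24, sp` at `_sigcode` uses a bare constant with no comment, and its value is only correct as long as it matches the distance sendsig() now puts between the new SP (`trampf`) and the old one (`sigctx - 8`). Add a comment stating what 0x24 compensates for and which structure size it depends on, so a change to struct trampframe does not silently break signal delivery. As a style point, the new line writes `$0x24, sp` with a space after the comma while the neighbouring `subl2 $0xc,sp` does not.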