aboutsummaryrefslogtreecommitdiff
path: root/arch/ia64
diff options
context:
space:
mode:
Diffstat (limited to 'arch/ia64')
-rw-r--r--arch/ia64/kernel/entry.S2
-rw-r--r--arch/ia64/kernel/ptrace.c27
-rw-r--r--arch/ia64/kernel/sys_ia64.c14
3 files changed, 25 insertions, 18 deletions
diff --git a/arch/ia64/kernel/entry.S b/arch/ia64/kernel/entry.S
index 4517d4ab5ef..9353adc1895 100644
--- a/arch/ia64/kernel/entry.S
+++ b/arch/ia64/kernel/entry.S
@@ -1411,7 +1411,7 @@ sys_call_table:
data8 sys_msgrcv
data8 sys_msgctl
data8 sys_shmget
- data8 ia64_shmat
+ data8 sys_shmat
data8 sys_shmdt // 1115
data8 sys_shmctl
data8 sys_syslog
diff --git a/arch/ia64/kernel/ptrace.c b/arch/ia64/kernel/ptrace.c
index 55789fcd721..9e730c7bf0c 100644
--- a/arch/ia64/kernel/ptrace.c
+++ b/arch/ia64/kernel/ptrace.c
@@ -17,6 +17,7 @@
#include <linux/user.h>
#include <linux/security.h>
#include <linux/audit.h>
+#include <linux/signal.h>
#include <asm/pgtable.h>
#include <asm/processor.h>
@@ -704,12 +705,32 @@ convert_to_non_syscall (struct task_struct *child, struct pt_regs *pt,
break;
}
+ /*
+ * Note: at the time of this call, the target task is blocked
+ * in notify_resume_user() and by clearling PRED_LEAVE_SYSCALL
+ * (aka, "pLvSys") we redirect execution from
+ * .work_pending_syscall_end to .work_processed_kernel.
+ */
unw_get_pr(&prev_info, &pr);
- pr &= ~(1UL << PRED_SYSCALL);
+ pr &= ~((1UL << PRED_SYSCALL) | (1UL << PRED_LEAVE_SYSCALL));
pr |= (1UL << PRED_NON_SYSCALL);
unw_set_pr(&prev_info, pr);
pt->cr_ifs = (1UL << 63) | cfm;
+ /*
+ * Clear the memory that is NOT written on syscall-entry to
+ * ensure we do not leak kernel-state to user when execution
+ * resumes.
+ */
+ pt->r2 = 0;
+ pt->r3 = 0;
+ pt->r14 = 0;
+ memset(&pt->r16, 0, 16*8); /* clear r16-r31 */
+ memset(&pt->f6, 0, 6*16); /* clear f6-f11 */
+ pt->b7 = 0;
+ pt->ar_ccv = 0;
+ pt->ar_csd = 0;
+ pt->ar_ssd = 0;
}
static int
@@ -1481,7 +1502,7 @@ sys_ptrace (long request, pid_t pid, unsigned long addr, unsigned long data)
case PTRACE_CONT:
/* restart after signal. */
ret = -EIO;
- if (data > _NSIG)
+ if (!valid_signal(data))
goto out_tsk;
if (request == PTRACE_SYSCALL)
set_tsk_thread_flag(child, TIF_SYSCALL_TRACE);
@@ -1520,7 +1541,7 @@ sys_ptrace (long request, pid_t pid, unsigned long addr, unsigned long data)
/* let child execute for one instruction */
case PTRACE_SINGLEBLOCK:
ret = -EIO;
- if (data > _NSIG)
+ if (!valid_signal(data))
goto out_tsk;
clear_tsk_thread_flag(child, TIF_SYSCALL_TRACE);
diff --git a/arch/ia64/kernel/sys_ia64.c b/arch/ia64/kernel/sys_ia64.c
index 3ac216e1c8b..a8cf6d8a509 100644
--- a/arch/ia64/kernel/sys_ia64.c
+++ b/arch/ia64/kernel/sys_ia64.c
@@ -93,20 +93,6 @@ sys_getpagesize (void)
}
asmlinkage unsigned long
-ia64_shmat (int shmid, void __user *shmaddr, int shmflg)
-{
- unsigned long raddr;
- int retval;
-
- retval = do_shmat(shmid, shmaddr, shmflg, &raddr);
- if (retval < 0)
- return retval;
-
- force_successful_syscall_return();
- return raddr;
-}
-
-asmlinkage unsigned long
ia64_brk (unsigned long brk)
{
unsigned long rlim, retval, newbrk, oldbrk;