Commit 00fdec9

ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE
Trap handler for syscall tracing reads EFA (Exception Fault Address), in case strace wants PC of trap instruction (EFA is not part of pt_regs as of current code).

However this EFA read is racy as it happens after dropping to pure kernel mode (re-enabling interrupts). A taken interrupt could context-switch, trigger a different task's trap, clobbering EFA for this execution context.

Fix this by reading EFA early, before re-enabling interrupts.

A slight side benefit is de-duplication of FAKE_RET_FROM_EXCPN in trap handler. The trap handler is common to both ARCompact and ARCv2 builds too.

This just came out of code rework/review and no real problem was reported but is clearly a potential problem, especially for strace.

Cc: <[email protected]>
Signed-off-by: Vineet Gupta <[email protected]>
1 parent b3a9e3b commit 00fdec9

1 file changed

+5
-11
lines changed

arch/arc/kernel/entry.S

Lines changed: 5 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -165,7 +165,6 @@ END(EV_Extension)
165165
tracesys:
166166
; save EFA in case tracer wants the PC of traced task
167167
; using ERET won't work since next-PC has already committed
168-
lr r12, [efa]
169168
GET_CURR_TASK_FIELD_PTR TASK_THREAD, r11
170169
st r12, [r11, THREAD_FAULT_ADDR] ; thread.fault_address
171170

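Review bot: the comment at lines 166-167 ("save EFA in case tracer wants the PC of traced task") now describes a value that is loaded elsewhere, since the `lr r12, [efa]` it referred to is removed here and tracesys stores whatever r12 holds on entry. Suggest restating the contract at this point, e.g. `; r12 = EFA, read in EV_Trap before FAKE_RET_FROM_EXCPN`, so that `st r12, [r11, THREAD_FAULT_ADDR]` is not mistaken for storing an uninitialised register, and so the liveness requirement is explicit: nothing on the path from EV_Trap to tracesys may clobber r12.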
@@ -208,15 +207,9 @@ tracesys_exit:
208207
; Breakpoint TRAP
209208
; ---------------------------------------------
210209
trap_with_param:
211-
212-
; stop_pc info by gdb needs this info
213-
lr r0, [efa]
210+
mov r0, r12 ; EFA in case ptracer/gdb wants stop_pc
214211
mov r1, sp
215212

216-
; Now that we have read EFA, it is safe to do "fake" rtie
217-
; and get out of CPU exception mode
218-
FAKE_RET_FROM_EXCPN
219-
220213
; Save callee regs in case gdb wants to have a look
221214
; SP will grow up by size of CALLEE Reg-File
222215
; NOTE: clobbers r12
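Review bot: `mov r0, r12` at line 210 is correct only because it precedes the callee-register save, which the existing comment at line 222 says clobbers r12; that ordering is now load-bearing for the fix but is not stated at the point where it matters. Suggest extending the new comment, e.g. `; EFA in case ptracer/gdb wants stop_pc (must precede callee-reg save below, which clobbers r12)`. The removed rationale ("Now that we have read EFA, it is safe to do fake rtie") is otherwise lost from this block, so a reader of trap_with_param alone no longer sees why EFA arrives in a register rather than being read here.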
@@ -243,16 +236,17 @@ ENTRY(EV_Trap)
243236

244237
EXCEPTION_PROLOGUE
245238

239+
lr r12, [efa]
240+
241+
FAKE_RET_FROM_EXCPN
242+
246243
;============ TRAP 1 :breakpoints
247244
; Check ECR for trap with arg (PROLOGUE ensures r10 has ECR)
248245
bmsk.f 0, r10, 7
249246
bnz trap_with_param
250247

251248
;============ TRAP (no param): syscall top level
252249

253-
; First return from Exception to pure K mode (Exception/IRQs renabled)
254-
FAKE_RET_FROM_EXCPN
255-
256250
; If syscall tracing ongoing, invoke pre-post-hooks
257251
GET_CURR_THR_INFO_FLAGS r10
258252
btst r10, TIF_SYSCALL_TRACE
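Review bot: the relocated `lr r12, [efa]` at line 239 now precedes FAKE_RET_FROM_EXCPN, which is the actual fix, but the hunk drops the comment that accompanied the macro at its old site ("First return from Exception to pure K mode (Exception/IRQs renabled)") and adds none at the new one. Suggest a comment on lines 239-241 stating the invariant the commit message describes: EFA must be read while still in exception mode with interrupts disabled, because an interrupt taken after FAKE_RET_FROM_EXCPN can context-switch and another task's trap would overwrite EFA. It is also worth noting there that both r10 (ECR, consumed by `bmsk.f 0, r10, 7` at line 245) and r12 must survive FAKE_RET_FROM_EXCPN, since the macro now runs before both consumers.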
