[PATCH] /arch/microblaze/kernel/entry.S kernel 3.14 Fix crash when calling invalid syscall ID

From: Jamie Garside
Date: Mon Feb 23 2015 - 08:43:43 EST


There appears to be a couple of bugs in the initial syscall handler on
Microblaze when passing an invalid syscall ID.

The code at line 351 should check for a syscall ID above __NR_syscalls,
then jump to the error exit routine. In this case, _user_exception returns
using the wrong register (r15 instead of r14), and doesn't clean up the
stack, causing the running user-land to hang.

Additionally, it does not cause an error if the syscall ID is negative (as
can be returned from do_syscall_trace_enter), causing the kernel to attempt
to jump to an invalid syscall handler and cause a kernel oops.

This patch adds a check for negative syscall ID, and modifies the error
exit to jump to ret_from_trap instead (as would happen after a successful
syscall) to perform cleanup, returning -ENOSYS. I believe this should be
safe in this condition.

This patch has been edited against the Linux 3.14 code, but a glance over
the git logs shows this file has not been changed in the past two years,
hence this patch should be safe for the most recent kernel version.

Thanks,
Jamie

--
Jamie Garside
Department of Computer Science
University of York
United Kingdom

Disclaimer: http://www.york.ac.uk/about/legal-statements/email-disclaimer/

Attachment: entry.S.patch
Description: Binary data

Attachment: README
Description: Binary data