Clear registers after system calls.

This commit is contained in:
Jonas 'Sortie' Termansen 2015-05-16 19:22:46 +02:00
parent 33c7f48909
commit 0fc3d70716
3 changed files with 49 additions and 17 deletions


@ -617,6 +617,7 @@ retry_another_signal:
intctx->cs = UCS | URPL; intctx->cs = UCS | URPL;
intctx->ds = UDS | URPL; intctx->ds = UDS | URPL;
intctx->ss = UDS | URPL; intctx->ss = UDS | URPL;
intctx->ebx = 0;
#elif defined(__x86_64__) #elif defined(__x86_64__)
intctx->rip = intctx->rdi; intctx->rip = intctx->rdi;
intctx->rflags = intctx->rsi; intctx->rflags = intctx->rsi;
@ -624,6 +625,9 @@ retry_another_signal:
intctx->cs = UCS | URPL; intctx->cs = UCS | URPL;
intctx->ds = UDS | URPL; intctx->ds = UDS | URPL;
intctx->ss = UDS | URPL; intctx->ss = UDS | URPL;
intctx->rdi = 0;
intctx->rsi = 0;
intctx->r8 = 0;
#else #else
#error "You may need to fix the registers" #error "You may need to fix the registers"
#endif #endif
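Review bot: The new `intctx->ebx = 0;` and `intctx->rdi = 0; intctx->rsi = 0; intctx->r8 = 0;` stores carry no comment saying why these particular registers are cleared, and the reason lives in a different file. They appear to be the registers the system call handler loads before `int $130` (rdi and rsi are consumed as the return rip and rflags just above; r8 carries the user rsp according to the handler's own comment), so a one-line comment such as `// Clear the registers the syscall handler used to pass state to int $130.` above each group would tie the two sides together for the next reader. The enclosing function starts outside the hunk, so the remaining fields of intctx cannot be checked from here.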


@ -1,6 +1,6 @@
/******************************************************************************* /*******************************************************************************
Copyright(C) Jonas 'Sortie' Termansen 2011, 2012, 2013, 2014. Copyright(C) Jonas 'Sortie' Termansen 2011, 2012, 2013, 2014, 2015.
This file is part of Sortix. This file is part of Sortix.
@ -36,9 +36,9 @@ syscall_handler:
# Make sure the requested system call is valid, if not, then fix it. # Make sure the requested system call is valid, if not, then fix it.
cmp $SYSCALL_MAX_NUM, %rax cmp $SYSCALL_MAX_NUM, %rax
jae fix_syscall jae 3f
valid_syscall: 1:
# Read a system call function pointer. # Read a system call function pointer.
xorq %r11, %r11 xorq %r11, %r11
movq syscall_list(%r11,%rax,8), %rax movq syscall_list(%r11,%rax,8), %rax
@ -52,19 +52,33 @@ valid_syscall:
popq %rbp popq %rbp
movl global_errno, %ecx movl global_errno, %ecx
# Zero registers to avoid information leaks.
# rax is return value.
# rdi is set in a moment.
xor %rsi, %rsi
# rdx is return value (MIGHT NOT BE INITIALIZED, CAN LEAK!).
# rcx is errno.
xor %r8, %r8
xor %r9, %r9
xor %r10, %r10
xor %r11, %r11
# The rest of the registers are preserved by the ABI and syscall ABI.
# If any signals are pending, fire them now. # If any signals are pending, fire them now.
movq asm_signal_is_pending, %rdi movq asm_signal_is_pending, %rdi
testq %rdi, %rdi testq %rdi, %rdi
jnz call_signal_dispatcher jnz 4f
# rdi is zero in this branch.
2:
iretq iretq
fix_syscall: 3:
# Call the null system call instead. # Call the null system call instead.
xorq %rax, %rax xorq %rax, %rax
jmp valid_syscall jmp 1b
call_signal_dispatcher: 4:
# We can't return to this location after the signal, since if any system # We can't return to this location after the signal, since if any system
# call is made this stack will get reused and all our nice temporaries wil # call is made this stack will get reused and all our nice temporaries wil
# be garbage. We therefore pass the kernel the state to return to and it'll # be garbage. We therefore pass the kernel the state to return to and it'll
@ -74,7 +88,11 @@ call_signal_dispatcher:
movq 24(%rsp), %r8 # userspace rsp, note %rcx is used for errno movq 24(%rsp), %r8 # userspace rsp, note %rcx is used for errno
int $130 # Deliver pending signals. int $130 # Deliver pending signals.
# If we end up here, it means that the signal didn't override anything and # If we end up here, it means that the signal didn't override anything and
# that we should just go ahead and return to userspace ourselves. # that we should just go ahead and return to userspace ourselves. Zero the
iretq # scratch registers to avoid information leaks.
xor %rdi, %rdi
xor %rsi, %rsi
xor %r8, %r8
jmp 2b
.size syscall_handler, .-syscall_handler .size syscall_handler, .-syscall_handler
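Review bot: The comment `# rdx is return value (MIGHT NOT BE INITIALIZED, CAN LEAK!)` records a kernel-to-user leak that this change leaves open: for any system call whose C implementation returns only in rax, rdx is a caller-saved scratch register and reaches userspace holding whatever the kernel last left there. The handler cannot tell at this point which calls legitimately return a second word in rdx, so the fix presumably belongs where the return value is produced (every system call entry defines rdx), or the handler zeroes rdx and the few wide-returning calls are handled explicitly; either way the warning would be more useful as a tracked item, e.g. `# TODO: every system call must define rdx before returning here.` The same comment and the same gap appear in the i386 hunk at `# edx is the return value (MIGHT NOT BE INITIALIZED, CAN LEAK!)`. Separately, the numeric labels `1:`–`4:` now span the whole handler across several hunks; `.L`-prefixed names such as `.Lvalid_syscall:` would keep them non-exported without giving up the readability of the old names.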


@ -1,6 +1,6 @@
/******************************************************************************* /*******************************************************************************
Copyright(C) Jonas 'Sortie' Termansen 2011, 2012, 2013, 2014. Copyright(C) Jonas 'Sortie' Termansen 2011, 2012, 2013, 2014, 2015.
This file is part of Sortix. This file is part of Sortix.
@ -45,9 +45,9 @@ syscall_handler:
# Make sure the requested system call is valid. # Make sure the requested system call is valid.
cmp $SYSCALL_MAX_NUM, %eax cmp $SYSCALL_MAX_NUM, %eax
jae fix_syscall jae 3f
valid_syscall: 1:
# Read a system call function pointer. # Read a system call function pointer.
xorl %ebp, %ebp xorl %ebp, %ebp
movl syscall_list(%ebp,%eax,4), %eax movl syscall_list(%ebp,%eax,4), %eax
@ -76,19 +76,28 @@ valid_syscall:
popl %ebp popl %ebp
movl global_errno, %ecx movl global_errno, %ecx
# Zero registers to avoid information leaks.
# eax is the return value.
# ecx is errno.
# edx is the return value (MIGHT NOT BE INITIALIZED, CAN LEAK!).
# ebx is set in a moment.
xor %esi, %esi
xor %edi, %edi
# If any signals are pending, fire them now. # If any signals are pending, fire them now.
movl asm_signal_is_pending, %ebx movl asm_signal_is_pending, %ebx
testl %ebx, %ebx testl %ebx, %ebx
jnz call_signal_dispatcher jnz 4f
# ebx is zero in this branch.
2:
iretl iretl
fix_syscall: 3:
# Call the null system call instead. # Call the null system call instead.
xorl %eax, %eax xorl %eax, %eax
jmp valid_syscall jmp 1b
call_signal_dispatcher: 4:
# We can't return to this location after the signal, since if any system # We can't return to this location after the signal, since if any system
# call is made this stack will get reused and all our nice temporaries wil # call is made this stack will get reused and all our nice temporaries wil
# be garbage. We therefore pass the kernel the state to return to and it'll # be garbage. We therefore pass the kernel the state to return to and it'll
@ -97,6 +106,7 @@ call_signal_dispatcher:
int $130 # Deliver pending signals. int $130 # Deliver pending signals.
# If we end up here, it means that the signal didn't override anything and # If we end up here, it means that the signal didn't override anything and
# that we should just go ahead and return to userspace ourselves. # that we should just go ahead and return to userspace ourselves.
iretl xor %ebx, %ebx
jmp 2b
.size syscall_handler, .-syscall_handler .size syscall_handler, .-syscall_handler
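Review bot: After `int $130` the new code re-zeroes only ebx (`xor %ebx, %ebx` then `jmp 2b`) and relies on esi and edi still being zero from the `xor %esi, %esi` / `xor %edi, %edi` executed before the branch to `4f`; that holds only if the interrupt return path restores every general register from the saved context, which cannot be confirmed from this hunk. A comment stating the invariant at the re-zeroing, e.g. `# esi/edi still zero: int $130 returns with the other registers restored.`, would make the no-leak argument auditable rather than implicit. The same assumption covers r9–r11 in the x86_64 hunk, where only rdi, rsi and r8 are re-zeroed after `int $130`.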