* [PATCH] powerpc/32: Fix FPR index validation and fpscr access
@ 2022-06-10 9:58 Ariel Miculas
0 siblings, 0 replies; 6+ messages in thread
From: Ariel Miculas @ 2022-06-10 9:58 UTC (permalink / raw)
To: linuxppc-dev; +Cc: Ariel Miculas
On PPC32, there are two indexes used for each FPR.
The last two indexes into the imaginary address space "USER area" are
used to access fpscr instead of the FPR registers. Fix the validation
condition so that the access of the FPR array doesn't overflow into
fpscr. Also split the access of fpscr into high part and low part.
Signed-off-by: Ariel Miculas <ariel.miculas@belden.com>
---
arch/powerpc/kernel/ptrace/ptrace-fpu.c | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/arch/powerpc/kernel/ptrace/ptrace-fpu.c b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
index 09c49632bfe5..eabc05b439f1 100644
--- a/arch/powerpc/kernel/ptrace/ptrace-fpu.c
+++ b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
@@ -17,14 +17,18 @@ int ptrace_get_fpr(struct task_struct *child, int index, unsigned long *data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
*data = ((u32 *)child->thread.fp_state.fpr)[fpidx];
else
+ *data = ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1];
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(data, &child->thread.TS_FPR(fpidx), sizeof(long));
- } else
- *data = child->thread.fp_state.fpscr;
+ else
+ *data = child->thread.fp_state.fpscr;
+ }
#else
*data = 0;
#endif
@@ -43,14 +47,18 @@ int ptrace_put_fpr(struct task_struct *child, int index, unsigned long data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
((u32 *)child->thread.fp_state.fpr)[fpidx] = data;
else
+ ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1] = data;
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(&child->thread.TS_FPR(fpidx), &data, sizeof(long));
- } else
- child->thread.fp_state.fpscr = data;
+ else
+ child->thread.fp_state.fpscr = data;
+ }
#endif
return 0;
--
2.36.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH] powerpc/32: Fix FPR index validation and fpscr access
@ 2022-06-10 10:28 Ariel Miculas
0 siblings, 0 replies; 6+ messages in thread
From: Ariel Miculas @ 2022-06-10 10:28 UTC (permalink / raw)
To: christophe.leroy; +Cc: Ariel Miculas, linuxppc-dev
On PPC32, there are two indexes used for each FPR.
The last two indexes into the imaginary address space "USER area" are
used to access fpscr instead of the FPR registers. Fix the validation
condition so that the access of the FPR array doesn't overflow into
fpscr. Also split the access of fpscr into high part and low part.
Signed-off-by: Ariel Miculas <ariel.miculas@belden.com>
---
arch/powerpc/kernel/ptrace/ptrace-fpu.c | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/arch/powerpc/kernel/ptrace/ptrace-fpu.c b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
index 09c49632bfe5..eabc05b439f1 100644
--- a/arch/powerpc/kernel/ptrace/ptrace-fpu.c
+++ b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
@@ -17,14 +17,18 @@ int ptrace_get_fpr(struct task_struct *child, int index, unsigned long *data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
*data = ((u32 *)child->thread.fp_state.fpr)[fpidx];
else
+ *data = ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1];
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(data, &child->thread.TS_FPR(fpidx), sizeof(long));
- } else
- *data = child->thread.fp_state.fpscr;
+ else
+ *data = child->thread.fp_state.fpscr;
+ }
#else
*data = 0;
#endif
@@ -43,14 +47,18 @@ int ptrace_put_fpr(struct task_struct *child, int index, unsigned long data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
((u32 *)child->thread.fp_state.fpr)[fpidx] = data;
else
+ ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1] = data;
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(&child->thread.TS_FPR(fpidx), &data, sizeof(long));
- } else
- child->thread.fp_state.fpscr = data;
+ else
+ child->thread.fp_state.fpscr = data;
+ }
#endif
return 0;
--
2.36.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH] powerpc/32: Fix FPR index validation and fpscr access
@ 2022-06-10 10:18 Ariel Miculas
0 siblings, 0 replies; 6+ messages in thread
From: Ariel Miculas @ 2022-06-10 10:18 UTC (permalink / raw)
To: linuxppc-dev; +Cc: Ariel Miculas
From: Ariel Miculas <ariel.miculas@belden.com>
On PPC32, there are two indexes used for each FPR.
The last two indexes into the imaginary address space "USER area" are
used to access fpscr instead of the FPR registers. Fix the validation
condition so that the access of the FPR array doesn't overflow into
fpscr. Also split the access of fpscr into high part and low part.
Signed-off-by: Ariel Miculas <ariel.miculas@belden.com>
---
arch/powerpc/kernel/ptrace/ptrace-fpu.c | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/arch/powerpc/kernel/ptrace/ptrace-fpu.c b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
index 09c49632bfe5..eabc05b439f1 100644
--- a/arch/powerpc/kernel/ptrace/ptrace-fpu.c
+++ b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
@@ -17,14 +17,18 @@ int ptrace_get_fpr(struct task_struct *child, int index, unsigned long *data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
*data = ((u32 *)child->thread.fp_state.fpr)[fpidx];
else
+ *data = ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1];
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(data, &child->thread.TS_FPR(fpidx), sizeof(long));
- } else
- *data = child->thread.fp_state.fpscr;
+ else
+ *data = child->thread.fp_state.fpscr;
+ }
#else
*data = 0;
#endif
@@ -43,14 +47,18 @@ int ptrace_put_fpr(struct task_struct *child, int index, unsigned long data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
((u32 *)child->thread.fp_state.fpr)[fpidx] = data;
else
+ ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1] = data;
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(&child->thread.TS_FPR(fpidx), &data, sizeof(long));
- } else
- child->thread.fp_state.fpscr = data;
+ else
+ child->thread.fp_state.fpscr = data;
+ }
#endif
return 0;
--
2.36.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH] powerpc/32: Fix FPR index validation and fpscr access
@ 2022-06-10 10:09 Ariel Miculas
0 siblings, 0 replies; 6+ messages in thread
From: Ariel Miculas @ 2022-06-10 10:09 UTC (permalink / raw)
To: linuxppc-dev; +Cc: Ariel Miculas
On PPC32, there are two indexes used for each FPR.
The last two indexes into the imaginary address space "USER area" are
used to access fpscr instead of the FPR registers. Fix the validation
condition so that the access of the FPR array doesn't overflow into
fpscr. Also split the access of fpscr into high part and low part.
Signed-off-by: Ariel Miculas <ariel.miculas@belden.com>
---
arch/powerpc/kernel/ptrace/ptrace-fpu.c | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/arch/powerpc/kernel/ptrace/ptrace-fpu.c b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
index 09c49632bfe5..eabc05b439f1 100644
--- a/arch/powerpc/kernel/ptrace/ptrace-fpu.c
+++ b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
@@ -17,14 +17,18 @@ int ptrace_get_fpr(struct task_struct *child, int index, unsigned long *data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
*data = ((u32 *)child->thread.fp_state.fpr)[fpidx];
else
+ *data = ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1];
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(data, &child->thread.TS_FPR(fpidx), sizeof(long));
- } else
- *data = child->thread.fp_state.fpscr;
+ else
+ *data = child->thread.fp_state.fpscr;
+ }
#else
*data = 0;
#endif
@@ -43,14 +47,18 @@ int ptrace_put_fpr(struct task_struct *child, int index, unsigned long data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
((u32 *)child->thread.fp_state.fpr)[fpidx] = data;
else
+ ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1] = data;
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(&child->thread.TS_FPR(fpidx), &data, sizeof(long));
- } else
- child->thread.fp_state.fpscr = data;
+ else
+ child->thread.fp_state.fpscr = data;
+ }
#endif
return 0;
--
2.36.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH] powerpc/32: Fix FPR index validation and fpscr access
@ 2022-06-10 8:01 Ariel Miculas
0 siblings, 0 replies; 6+ messages in thread
From: Ariel Miculas @ 2022-06-10 8:01 UTC (permalink / raw)
To: linuxppc-dev, linuxppc-dev, mpe, benh, paulus, linux-kernel; +Cc: Ariel Miculas
On PPC32, there are two indexes used for each FPR.
The last two indexes into the imaginary address space "USER area" are
used to access fpscr instead of the FPR registers. Fix the validation
condition so that the access of the FPR array doesn't overflow into
fpscr. Also split the access of fpscr into high part and low part.
Signed-off-by: Ariel Miculas <ariel.miculas@belden.com>
---
arch/powerpc/kernel/ptrace/ptrace-fpu.c | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/arch/powerpc/kernel/ptrace/ptrace-fpu.c b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
index 09c49632bfe5..eabc05b439f1 100644
--- a/arch/powerpc/kernel/ptrace/ptrace-fpu.c
+++ b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
@@ -17,14 +17,18 @@ int ptrace_get_fpr(struct task_struct *child, int index, unsigned long *data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
*data = ((u32 *)child->thread.fp_state.fpr)[fpidx];
else
+ *data = ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1];
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(data, &child->thread.TS_FPR(fpidx), sizeof(long));
- } else
- *data = child->thread.fp_state.fpscr;
+ else
+ *data = child->thread.fp_state.fpscr;
+ }
#else
*data = 0;
#endif
@@ -43,14 +47,18 @@ int ptrace_put_fpr(struct task_struct *child, int index, unsigned long data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
((u32 *)child->thread.fp_state.fpr)[fpidx] = data;
else
+ ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1] = data;
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(&child->thread.TS_FPR(fpidx), &data, sizeof(long));
- } else
- child->thread.fp_state.fpscr = data;
+ else
+ child->thread.fp_state.fpscr = data;
+ }
#endif
return 0;
--
2.36.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH] powerpc/32: Fix FPR index validation and fpscr access
@ 2022-06-10 7:15 Ariel Miculas
0 siblings, 0 replies; 6+ messages in thread
From: Ariel Miculas @ 2022-06-10 7:15 UTC (permalink / raw)
To: linuxppc-dev, christian.johannes; +Cc: Ariel Miculas
On PPC32, there are two indexes used for each FPR.
The last two indexes into the imaginary address space "USER area" are
used to access fpscr instead of the FPR registers. Fix the validation
condition so that the access of the FPR array doesn't overflow into
fpscr. Also split the access of fpscr into high part and low part.
Signed-off-by: Ariel Miculas <ariel.miculas@belden.com>
---
arch/powerpc/kernel/ptrace/ptrace-fpu.c | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/arch/powerpc/kernel/ptrace/ptrace-fpu.c b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
index 09c49632bfe5..eabc05b439f1 100644
--- a/arch/powerpc/kernel/ptrace/ptrace-fpu.c
+++ b/arch/powerpc/kernel/ptrace/ptrace-fpu.c
@@ -17,14 +17,18 @@ int ptrace_get_fpr(struct task_struct *child, int index, unsigned long *data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
*data = ((u32 *)child->thread.fp_state.fpr)[fpidx];
else
+ *data = ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1];
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(data, &child->thread.TS_FPR(fpidx), sizeof(long));
- } else
- *data = child->thread.fp_state.fpscr;
+ else
+ *data = child->thread.fp_state.fpscr;
+ }
#else
*data = 0;
#endif
@@ -43,14 +47,18 @@ int ptrace_put_fpr(struct task_struct *child, int index, unsigned long data)
#ifdef CONFIG_PPC_FPU_REGS
flush_fp_to_thread(child);
- if (fpidx < (PT_FPSCR - PT_FPR0)) {
- if (IS_ENABLED(CONFIG_PPC32))
+ if (IS_ENABLED(CONFIG_PPC32)) {
+ if ((fpidx >> 1) < (PT_FPSCR - PT_FPR0) >> 1)
// On 32-bit the index we are passed refers to 32-bit words
((u32 *)child->thread.fp_state.fpr)[fpidx] = data;
else
+ ((u32 *)&child->thread.fp_state.fpscr)[fpidx & 1] = data;
+ } else {
+ if (fpidx < (PT_FPSCR - PT_FPR0))
memcpy(&child->thread.TS_FPR(fpidx), &data, sizeof(long));
- } else
- child->thread.fp_state.fpscr = data;
+ else
+ child->thread.fp_state.fpscr = data;
+ }
#endif
return 0;
--
2.36.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-06-10 11:31 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-10 9:58 [PATCH] powerpc/32: Fix FPR index validation and fpscr access Ariel Miculas
-- strict thread matches above, loose matches on Subject: below --
2022-06-10 10:28 Ariel Miculas
2022-06-10 10:18 Ariel Miculas
2022-06-10 10:09 Ariel Miculas
2022-06-10 8:01 Ariel Miculas
2022-06-10 7:15 Ariel Miculas
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.