Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

ARM: 7526/1: traps: send SIGILL if get_user fails on undef handling path

get_user may fail to load from the provided __user address due to an
unhandled fault generated by the access.

In the case of the undefined instruction trap, this results in failure
to load the faulting instruction, in which case we should send SIGILL to
the task rather than continue with potentially uninitialised data.

Signed-off-by: Will Deacon <will.deacon@arm.com>
Cc: stable@vger.kernel.org
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>

authored by Will Deacon and committed by Russell King
2b2040af 62194bda

+7 -4
arch/arm/kernel/traps.c
··· 420 420 #endif 421 421 instr = *(u32 *) pc; 422 422 } else if (thumb_mode(regs)) { 423 - get_user(instr, (u16 __user *)pc); 423 + if (get_user(instr, (u16 __user *)pc)) 424 + goto die_sig; 424 425 if (is_wide_instruction(instr)) { 425 426 unsigned int instr2; 426 - get_user(instr2, (u16 __user *)pc+1); 427 + if (get_user(instr2, (u16 __user *)pc+1)) 428 + goto die_sig; 427 429 instr <<= 16; 428 430 instr |= instr2; 429 431 } 430 - } else { 431 - get_user(instr, (u32 __user *)pc); 432 + } else if (get_user(instr, (u32 __user *)pc)) { 433 + goto die_sig; 432 434 } 433 435 434 436 if (call_undef_hook(regs, instr) == 0) 435 437 return; 436 438 439 + die_sig: 437 440 #ifdef CONFIG_DEBUG_USER 438 441 if (user_debug & UDBG_UNDEFINED) { 439 442 printk(KERN_INFO "%s (%d): undefined instruction: pc=%p\n",
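
Review bot: at the new die_sig: label, a failed get_user falls straight into the CONFIG_DEBUG_USER printk that reports "undefined instruction: pc=%p", so with UDBG_UNDEFINED set the log cannot distinguish a faulting instruction fetch from a genuinely undefined instruction. Consider a distinct message for the fetch-failure case, or at least a comment at the label noting that instr may not have been loaded on this path. Only pc is printed in the lines shown, which is safe, but anything further below the label that reads instr should be checked for the same reason. In the Thumb branch, when the second get_user fails, instr already holds the first halfword; the goto is what keeps that partial value away from call_undef_hook, and a one-line comment there would make the intent explicit.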