Received: by 2002:a25:5b86:0:0:0:0:0 with SMTP id p128csp1735487ybb; Fri, 29 Mar 2019 10:13:29 -0700 (PDT) X-Google-Smtp-Source: APXvYqxH0tCU1z3Dj9GUnWzzwc/znYw4CqHBW8AUCK6u8ZuCBMKl3JjeuUx9J/D3OED0L9h43kfB X-Received: by 2002:a63:fd07:: with SMTP id d7mr46400232pgh.199.1553879609305; Fri, 29 Mar 2019 10:13:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553879609; cv=none; d=google.com; s=arc-20160816; b=jmEJ+EQu0sjPwzK2p0ZgLq7S2M4LXr6gQGQNEjLHV/lL6iFXriIpm8/dxFTN8NFP4j CUTs68AUzMtAKxzDgt30ZVD1qS+zqxtJw9XWNaoepnQqkmM0fw5/dO1R8sI/VJ/7Je7q FSLT7AaJjMoFEmGx20KhG1DAFiUSMlWvazq7so1ncjFITV3exZOlf4Jln8bGzjdq7QGQ wT1BXKGNOiu4Pv+LJv7l8yjqffFZpd41hzvz2ve9A56SNEs+krhhNPH9X7OK6r7q4fR8 w0cafVYwU88kCan2TheL5pn27qX7UpyYzqcvmCWI3T5Vgs58+p9CNzljp5UF89aMIzx/ KNNg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-disposition:mime-version :message-id:subject:cc:to:from:date; bh=nhxz1QZeCfUJY6L6YukGMi9Mx/c0qC0GFOHoWcyG52w=; b=faBcOTkYU/bvxPPMqfLM+J/pVjE+/tHsbTzQi9ihkcnvVB1GaPx+20RpkFOXM7XctA ydv6VpITk480ecpktzup1VxUeQkYLf2aexGeJQ/P5wDYaeqOj3TdjV2Ry7C3MIFXkhCD OIrCdQuc9xUetjUe2lMxDQkDk1RNopBzwetCwLqRtynlrRJucf6cxNbphKf4OMvB2WtD OQD4hvlGuLIA/xYa5aTXZl8dhaUms91hh+GGDDMY4/mTyBle75mTzVn0GnL/kdg3+gsp uSe7cytDgi0q3NAyRaxIMikOqI4bcs4/LwAiTRb8H45L43iVeSg9nut8VycadHCWq8xz HtBg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e22si2238249pgi.66.2019.03.29.10.13.10; Fri, 29 Mar 2019 10:13:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729833AbfC2RMZ (ORCPT + 99 others); Fri, 29 Mar 2019 13:12:25 -0400 Received: from vmicros1.altlinux.org ([194.107.17.57]:41266 "EHLO vmicros1.altlinux.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729791AbfC2RMY (ORCPT ); Fri, 29 Mar 2019 13:12:24 -0400 Received: from mua.local.altlinux.org (mua.local.altlinux.org [192.168.1.14]) by vmicros1.altlinux.org (Postfix) with ESMTP id 4E95872CC64; Fri, 29 Mar 2019 20:12:21 +0300 (MSK) Received: by mua.local.altlinux.org (Postfix, from userid 508) id 264207CC74C; Fri, 29 Mar 2019 20:12:21 +0300 (MSK) Date: Fri, 29 Mar 2019 20:12:21 +0300 From: "Dmitry V. Levin" To: Palmer Dabbelt Cc: Steven Rostedt , Ingo Molnar , Kees Cook , Andy Lutomirski , Will Drewry , linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org Subject: [PATCH] riscv: fix syscall_get_arguments() and syscall_set_arguments() Message-ID: <20190329171221.GA32456@altlinux.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org RISC-V syscall arguments are located in orig_a0,a1..a5 fields of struct pt_regs. Due to an off-by-one bug and a bug in pointer arithmetic syscall_get_arguments() was reading s3..s7 fields instead of a1..a5. Likewise, syscall_set_arguments() was writing s3..s7 fields instead of a1..a5. Fixes: e2c0cdfba7f69 ("RISC-V: User-facing API") Cc: Steven Rostedt Cc: Ingo Molnar Cc: Kees Cook Cc: Andy Lutomirski Cc: Will Drewry Cc: linux-riscv@lists.infradead.org Cc: stable@vger.kernel.org # v4.15+ Signed-off-by: Dmitry V. Levin --- arch/riscv/include/asm/syscall.h | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/arch/riscv/include/asm/syscall.h b/arch/riscv/include/asm/syscall.h index bba3da6ef157..6ea9e1804233 100644 --- a/arch/riscv/include/asm/syscall.h +++ b/arch/riscv/include/asm/syscall.h @@ -79,10 +79,11 @@ static inline void syscall_get_arguments(struct task_struct *task, if (i == 0) { args[0] = regs->orig_a0; args++; - i++; n--; + } else { + i--; } - memcpy(args, ®s->a1 + i * sizeof(regs->a1), n * sizeof(args[0])); + memcpy(args, ®s->a1 + i, n * sizeof(args[0])); } static inline void syscall_set_arguments(struct task_struct *task, @@ -94,10 +95,11 @@ static inline void syscall_set_arguments(struct task_struct *task, if (i == 0) { regs->orig_a0 = args[0]; args++; - i++; n--; - } - memcpy(®s->a1 + i * sizeof(regs->a1), args, n * sizeof(regs->a0)); + } else { + i--; + } + memcpy(®s->a1 + i, args, n * sizeof(regs->a1)); } static inline int syscall_get_arch(void) -- ldv