acfdd4b1f7
a.out support on ARM requires that argc, argv and envp are passed in r0-r2 respectively, which requires hacking load_aout_binary to prevent argc being clobbered by the return code. Whilst mainline kernels do set the registers up in start_thread, the aout loader has never carried the hack in mainline. Initialising the registers in this way actually goes against the libc expectations for ELF binaries, where argc, argv and envp are passed on the stack, with r0 being used to hold a pointer to an exit function for cleaning up after the dynamic linker if required. If the pointer is NULL, then it is ignored. When execing an ELF binary, Linux currently zeroes r0, then sets it to argc and then finally clobbers it with the return value of the execve syscall, so we actually end up with: r0 = 0 stack[0] = argc r1 = stack[1] = argv r2 = stack[2] = envp libc treats r1 and r2 as undefined. The clobbering of r0 by sys_execve works for user-spawned threads, but when executing an ELF binary from a kernel thread (via call_usermodehelper), the execve is performed on the ret_from_fork path, which restores r0 from the saved pt_regs, resulting in argc being presented to the C library. This has horrible consequences when the application exits, since we have an exit function registered using argc, resulting in a jump to hyperspace. This patch solves the problem by removing the partial a.out support from arch/arm/ altogether. Cc: <stable@vger.kernel.org> Cc: Ashish Sangwan <ashishsangwan2@gmail.com> Signed-off-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
118 lines
2.6 KiB
C
118 lines
2.6 KiB
C
/*
|
|
* arch/arm/include/asm/processor.h
|
|
*
|
|
* Copyright (C) 1995-1999 Russell King
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
* published by the Free Software Foundation.
|
|
*/
|
|
|
|
#ifndef __ASM_ARM_PROCESSOR_H
|
|
#define __ASM_ARM_PROCESSOR_H
|
|
|
|
/*
|
|
* Default implementation of macro that returns current
|
|
* instruction pointer ("program counter").
|
|
*/
|
|
#define current_text_addr() ({ __label__ _l; _l: &&_l;})
|
|
|
|
#ifdef __KERNEL__
|
|
|
|
#include <asm/hw_breakpoint.h>
|
|
#include <asm/ptrace.h>
|
|
#include <asm/types.h>
|
|
|
|
#ifdef __KERNEL__
|
|
#define STACK_TOP ((current->personality & ADDR_LIMIT_32BIT) ? \
|
|
TASK_SIZE : TASK_SIZE_26)
|
|
#define STACK_TOP_MAX TASK_SIZE
|
|
#endif
|
|
|
|
struct debug_info {
|
|
#ifdef CONFIG_HAVE_HW_BREAKPOINT
|
|
struct perf_event *hbp[ARM_MAX_HBP_SLOTS];
|
|
#endif
|
|
};
|
|
|
|
struct thread_struct {
|
|
/* fault info */
|
|
unsigned long address;
|
|
unsigned long trap_no;
|
|
unsigned long error_code;
|
|
/* debugging */
|
|
struct debug_info debug;
|
|
};
|
|
|
|
#define INIT_THREAD { }
|
|
|
|
#ifdef CONFIG_MMU
|
|
#define nommu_start_thread(regs) do { } while (0)
|
|
#else
|
|
#define nommu_start_thread(regs) regs->ARM_r10 = current->mm->start_data
|
|
#endif
|
|
|
|
#define start_thread(regs,pc,sp) \
|
|
({ \
|
|
memset(regs->uregs, 0, sizeof(regs->uregs)); \
|
|
if (current->personality & ADDR_LIMIT_32BIT) \
|
|
regs->ARM_cpsr = USR_MODE; \
|
|
else \
|
|
regs->ARM_cpsr = USR26_MODE; \
|
|
if (elf_hwcap & HWCAP_THUMB && pc & 1) \
|
|
regs->ARM_cpsr |= PSR_T_BIT; \
|
|
regs->ARM_cpsr |= PSR_ENDSTATE; \
|
|
regs->ARM_pc = pc & ~1; /* pc */ \
|
|
regs->ARM_sp = sp; /* sp */ \
|
|
nommu_start_thread(regs); \
|
|
})
|
|
|
|
/* Forward declaration, a strange C thing */
|
|
struct task_struct;
|
|
|
|
/* Free all resources held by a thread. */
|
|
extern void release_thread(struct task_struct *);
|
|
|
|
unsigned long get_wchan(struct task_struct *p);
|
|
|
|
#if __LINUX_ARM_ARCH__ == 6 || defined(CONFIG_ARM_ERRATA_754327)
|
|
#define cpu_relax() smp_mb()
|
|
#else
|
|
#define cpu_relax() barrier()
|
|
#endif
|
|
|
|
#define task_pt_regs(p) \
|
|
((struct pt_regs *)(THREAD_START_SP + task_stack_page(p)) - 1)
|
|
|
|
#define KSTK_EIP(tsk) task_pt_regs(tsk)->ARM_pc
|
|
#define KSTK_ESP(tsk) task_pt_regs(tsk)->ARM_sp
|
|
|
|
/*
|
|
* Prefetching support - only ARMv5.
|
|
*/
|
|
#if __LINUX_ARM_ARCH__ >= 5
|
|
|
|
#define ARCH_HAS_PREFETCH
|
|
static inline void prefetch(const void *ptr)
|
|
{
|
|
__asm__ __volatile__(
|
|
"pld\t%a0"
|
|
:
|
|
: "p" (ptr)
|
|
: "cc");
|
|
}
|
|
|
|
#define ARCH_HAS_PREFETCHW
|
|
#define prefetchw(ptr) prefetch(ptr)
|
|
|
|
#define ARCH_HAS_SPINLOCK_PREFETCH
|
|
#define spin_lock_prefetch(x) do { } while (0)
|
|
|
|
#endif
|
|
|
|
#define HAVE_ARCH_PICK_MMAP_LAYOUT
|
|
|
|
#endif
|
|
|
|
#endif /* __ASM_ARM_PROCESSOR_H */
|