From 910f2c06f8cee7b892eccbca45ba038097802365 Mon Sep 17 00:00:00 2001 From: miod Date: Mon, 28 Jul 2008 17:50:09 +0000 Subject: [PATCH] In process_write_regs() and sigreturn(), be more strict about the bits userland is allowed to change in psr. --- sys/arch/m88k/include/psl.h | 6 +++++- sys/arch/m88k/m88k/process_machdep.c | 10 ++++++++-- sys/arch/m88k/m88k/sig_machdep.c | 5 ++++- 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/sys/arch/m88k/include/psl.h b/sys/arch/m88k/include/psl.h index a1f74383693..a03dfa2ddd5 100644 --- a/sys/arch/m88k/include/psl.h +++ b/sys/arch/m88k/include/psl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: psl.h,v 1.5 2007/12/20 21:17:51 miod Exp $ */ +/* $OpenBSD: psl.h,v 1.6 2008/07/28 17:50:09 miod Exp $ */ /* * Copyright (c) 1996 Nivas Madhur * All rights reserved. @@ -79,6 +79,10 @@ #define PSR_IND 0x00000002 /* interrupt disable */ #define PSR_SFRZ 0x00000001 /* shadow freeze */ +/* bits userland is not allowed to change */ +#define PSR_USERSTATIC (PSR_MODE | PSR_BO | PSR_SGN | PSR_SRM | PSR_SFD | \ + PSR_MXM | PSR_IND | PSR_SFRZ) + #define FIP_V 0x00000002 /* valid */ #define FIP_E 0x00000001 /* exception */ #define FIP_ADDR 0xfffffffc /* address mask */ diff --git a/sys/arch/m88k/m88k/process_machdep.c b/sys/arch/m88k/m88k/process_machdep.c index 13a6acb4dd1..825c7a2a9e2 100644 --- a/sys/arch/m88k/m88k/process_machdep.c +++ b/sys/arch/m88k/m88k/process_machdep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: process_machdep.c,v 1.3 2005/05/18 16:44:41 miod Exp $ */ +/* $OpenBSD: process_machdep.c,v 1.4 2008/07/28 17:50:11 miod Exp $ */ /* * Copyright (c) 1993 The Regents of the University of California. @@ -85,7 +85,13 @@ process_write_regs(p, regs) struct proc *p; struct reg *regs; { - bcopy((caddr_t)regs, (caddr_t)USER_REGS(p), sizeof(struct reg)); + struct reg *procregs = (struct reg *)USER_REGS(p); + unsigned int psr = procregs->epsr; + + bcopy(regs, procregs, sizeof(struct reg)); + procregs->epsr = + (psr & PSR_USERSTATIC) | (regs->epsr & ~PSR_USERSTATIC); + return (0); } diff --git a/sys/arch/m88k/m88k/sig_machdep.c b/sys/arch/m88k/m88k/sig_machdep.c index 703c0e6cb07..299bc758805 100644 --- a/sys/arch/m88k/m88k/sig_machdep.c +++ b/sys/arch/m88k/m88k/sig_machdep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sig_machdep.c,v 1.8 2007/12/31 09:23:53 martin Exp $ */ +/* $OpenBSD: sig_machdep.c,v 1.9 2008/07/28 17:50:11 miod Exp $ */ /* * Copyright (c) 1998, 1999, 2000, 2001 Steve Murphree, Jr. * Copyright (c) 1996 Nivas Madhur @@ -213,6 +213,9 @@ sys_sigreturn(struct proc *p, void *v, register_t *retval) tf = p->p_md.md_tf; scp = &ksc; + if ((scp->sc_regs.epsr ^ tf->tf_regs.epsr) & PSR_USERSTATIC) + return (EINVAL); + bcopy((const void *)&scp->sc_regs, (caddr_t)&tf->tf_regs, sizeof(scp->sc_regs)); -- 2.20.1