iwmmxt signal frame handling
Nicolas Pitre
nicolas.pitre at linaro.org
Fri Oct 15 14:46:23 EDT 2010
On Fri, 15 Oct 2010, Eric Miao wrote:
> On Fri, Oct 15, 2010 at 9:40 PM, Arnd Bergmann <arnd at arndb.de> wrote:
> > On Friday 15 October 2010 15:32:04 Eric Miao wrote:
> >> > Acked-by: Eric Miao <eric.y.miao at gmail.com>
> >> >
> >>
> >> This also passes the internal iwmmxt test, Haojian please add your
> >> Tested-by please.
> >
> > Can you also confirm that the previous behaviour is broken?
> > If it is, the patch is probably a candidate for the stable trees.
> >
>
> I don't believe the previous behavior is going to cause any serious issue. The
> magic/size are only saved/restored only for those processes with
> TIF_USING_IWMMXT
> flag set. Yet this patch does seem to improve from security perspective by
> zero-ing the buffer.
>
> BTW: I didn't look too much into the code, but it seems to me that the aux can
> just be zero-ed in a whole?
No. Extensions to the ucontext layout are structured into:
- magic number to identify the data
- size of the data
- the data itself
and you may have multiple of those blocks together, with the last one
having a magic number of 0 to mark the end.
What could be done instead is to avoid copying any iwmmxt context when
that is not available (i.e. when TIF_USING_IWMMXT is not set), but that
would make the code more complex as the ucontext structure couldn't be
used as is and some kind of dynamic storage woule be needed. I really
doubt it is worth the trouble, especially since the only environment
where that would make a difference is with those old pre-EABI binaries
which don't care at all about those ucontext extensions anyway.
Nicolas
More information about the linux-arm-kernel
mailing list