git: 61b146ba43cd - main - Check alignment of fp in unwind_frame
Date: Wed, 16 Nov 2022 18:31:14 UTC
The branch main has been updated by brooks:
URL: https://cgit.FreeBSD.org/src/commit/?id=61b146ba43cd3886c81e79b37fdc665d6e1d74b8
commit 61b146ba43cd3886c81e79b37fdc665d6e1d74b8
Author: Dapeng Gao <dapeng@dpgao.cn>
AuthorDate: 2022-11-16 18:29:28 +0000
Commit: Brooks Davis <brooks@FreeBSD.org>
CommitDate: 2022-11-16 18:29:28 +0000
Check alignment of fp in unwind_frame
A misaligned frame pointer is certainly not a valid frame pointer and
with strict alignment enabled (as on CHERI) can cause panics when it is
loaded from later in the code.
This is a recommit of 40e0fa10f58d90744c2857b57adf0ddbce1a1e1c with
is_aligned() corrected to __is_aligned().
Reviewed By: jhb
Differential Revision: https://reviews.freebsd.org/D34646
---
sys/arm64/arm64/unwind.c | 3 ++-
sys/riscv/riscv/unwind.c | 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/sys/arm64/arm64/unwind.c b/sys/arm64/arm64/unwind.c
index 470b64c00540..32590da5fc46 100644
--- a/sys/arm64/arm64/unwind.c
+++ b/sys/arm64/arm64/unwind.c
@@ -41,7 +41,8 @@ unwind_frame(struct thread *td, struct unwind_state *frame)
fp = frame->fp;
- if (!kstack_contains(td, fp, sizeof(uintptr_t) * 2))
+ if (!__is_aligned(fp, sizeof(fp)) ||
+ !kstack_contains(td, fp, sizeof(fp) * 2))
return (false);
/* FP to previous frame (X29) */
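Review bot: the rationale for rejecting a misaligned fp (a misaligned value cannot be a valid frame pointer, and strict-alignment targets such as CHERI panic when it is later dereferenced) lives only in the commit message; a one-line comment above the new `__is_aligned(fp, sizeof(fp))` test would keep that context next to the code. The ordering is right: the cheap alignment check short-circuits before `kstack_contains` is consulted, and the range check now uses `sizeof(fp)` instead of `sizeof(uintptr_t)`, which keeps the two conditions consistent.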
diff --git a/sys/riscv/riscv/unwind.c b/sys/riscv/riscv/unwind.c
index 9efb1fef9451..175e6423a59c 100644
--- a/sys/riscv/riscv/unwind.c
+++ b/sys/riscv/riscv/unwind.c
@@ -47,7 +47,8 @@ unwind_frame(struct thread *td, struct unwind_state *frame)
fp = frame->fp;
- if (!kstack_contains(td, fp - sizeof(fp) * 2, sizeof(fp) * 2))
+ if (!__is_aligned(fp, sizeof(fp)) ||
+ !kstack_contains(td, fp - sizeof(fp) * 2, sizeof(fp) * 2))
return (false);
frame->sp = fp;
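Review bot: on riscv the words actually loaded sit below fp, at `fp - sizeof(fp) * 2`, so it is worth a short comment noting that checking the alignment of fp itself is sufficient here: subtracting a multiple of `sizeof(fp)` preserves alignment, so `fp - sizeof(fp) * 2` is aligned exactly when fp is. The same condition is duplicated verbatim between the arm64 and riscv unwinders; that is acceptable for two arch-specific files, but if a third port grows the same check a shared helper would be preferable.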