Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 6 Aug 2021 12:51:13 GMT
From:      Andrew Turner <andrew@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: acab6815aa38 - stable/13 - Use the correct length when copying arm64 vfp registers
Message-ID:  <202108061251.176CpDgh017052@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch stable/13 has been updated by andrew:

URL: https://cgit.FreeBSD.org/src/commit/?id=acab6815aa389911939fee92f7fe98f1d63b741c

commit acab6815aa389911939fee92f7fe98f1d63b741c
Author:     Andrew Turner <andrew@FreeBSD.org>
AuthorDate: 2021-06-14 11:01:46 +0000
Commit:     Andrew Turner <andrew@FreeBSD.org>
CommitDate: 2021-08-05 20:50:15 +0000

    Use the correct length when copying arm64 vfp registers
    
    We passed the wrong length into memcpy in the arm64 get_fpcontext and
    set_fpcontext. This caused us to copy two status registers we didn't
    expect to copy.
    
    These are safe as they exist in both the source and destination, although
    in a different order, and we copy the correct values after the memcpy.
    
    Obtained from:  CheriBSD
    Sponsored by:   Innovate UK
    
    (cherry picked from commit e7f369b1c18ca0377bb0b016b4cab3f0de2a74c5)
---
 sys/arm64/arm64/machdep.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/arm64/arm64/machdep.c b/sys/arm64/arm64/machdep.c
index 5cc17d2a4612..071bf3e51ab2 100644
--- a/sys/arm64/arm64/machdep.c
+++ b/sys/arm64/arm64/machdep.c
@@ -650,7 +650,7 @@ get_fpcontext(struct thread *td, mcontext_t *mcp)
 		KASSERT((curpcb->pcb_fpflags & ~PCB_FP_USERMASK) == 0,
 		    ("Non-userspace FPU flags set in get_fpcontext"));
 		memcpy(mcp->mc_fpregs.fp_q, curpcb->pcb_fpustate.vfp_regs,
-		    sizeof(mcp->mc_fpregs));
+		    sizeof(mcp->mc_fpregs.fp_q));
 		mcp->mc_fpregs.fp_cr = curpcb->pcb_fpustate.vfp_fpcr;
 		mcp->mc_fpregs.fp_sr = curpcb->pcb_fpustate.vfp_fpsr;
 		mcp->mc_fpregs.fp_flags = curpcb->pcb_fpflags;
@@ -681,7 +681,7 @@ set_fpcontext(struct thread *td, mcontext_t *mcp)
 		KASSERT(curpcb->pcb_fpusaved == &curpcb->pcb_fpustate,
 		    ("Called set_fpcontext while the kernel is using the VFP"));
 		memcpy(curpcb->pcb_fpustate.vfp_regs, mcp->mc_fpregs.fp_q,
-		    sizeof(mcp->mc_fpregs));
+		    sizeof(mcp->mc_fpregs.fp_q));
 		curpcb->pcb_fpustate.vfp_fpcr = mcp->mc_fpregs.fp_cr;
 		curpcb->pcb_fpustate.vfp_fpsr = mcp->mc_fpregs.fp_sr;
 		curpcb->pcb_fpflags = mcp->mc_fpregs.fp_flags & PCB_FP_USERMASK;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202108061251.176CpDgh017052>