[klibc] [PATCH] : store 4 bytes in arm64 errno
Greg Thelen
gthelen at google.com
Mon Aug 15 02:05:41 PDT 2022
The arm64 post-syscall code (below) checks the syscall retval (x0) and
conditionally sets errno:

  __syscall_common:
  	cmp	x0, #0x0
  	b.ge	2f
  	neg	x0, x0
  	ldr	x8, 1f
  	str	x0, [x8]
  	mov	x0, #-1
  2:
  	ret
  1:
  	.dword	errno

There is a bug. When the syscall returns a negative value "str x0, [x8]"
stores 8 bytes in the 4 byte errno. The 4 bytes that follow errno are
clobbered, which depending on linker data placement can corrupt
important process memory.

Only store 4 bytes in errno to avoid corruption.

Fixes: e4a2c914446b ("[klibc] arm64: Add arm64 support")
Signed-off-by: Greg Thelen <gthelen at google.com>
---
usr/klibc/arch/arm64/syscall.S | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/usr/klibc/arch/arm64/syscall.S b/usr/klibc/arch/arm64/syscall.S
index 3ce91fb77aa5..e1004122577d 100644
--- a/usr/klibc/arch/arm64/syscall.S
+++ b/usr/klibc/arch/arm64/syscall.S
@@ -17,7 +17,7 @@ __syscall_common:
b.ge 2f
neg x0, x0
ldr x8, 1f
- str x0, [x8]
+ str w0, [x8]
mov x0, #-1
2:
ret
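Review bot: The new "str w0, [x8]" line carries no comment explaining why it uses the 32-bit register while the neighbouring "neg x0, x0" and "mov x0, #-1" use x0, so a later cleanup could widen it back without noticing. A short comment on that line, for example "errno is a 4-byte int, store only w0", would document the intent. The store keeps only the low 32 bits of the negated return value, which matches the 4-byte errno the commit message describes.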
--
2.37.1.595.g718a3a8f04-goog
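The clobbering described in the commit message, as an added C model that is not part of the patch or of klibc: the 8-byte buffer, the 0xdeadbeef neighbour value and the function names are constructed for illustration, and the stores are written out byte by byte in little-endian order to mirror arm64.

```c
#include <stdint.h>
#include <stdio.h>

/* Little-endian store of the low `width` bytes of a 64-bit register,
 * as "str x0" (width 8) or "str w0" (width 4) does on arm64. */
static void store_le(uint8_t *dst, uint64_t reg, unsigned width)
{
    for (unsigned i = 0; i < width; i++)
        dst[i] = (uint8_t)(reg >> (8 * i));
}

static uint32_t load_le32(const uint8_t *src)
{
    return (uint32_t)src[0] | (uint32_t)src[1] << 8 |
           (uint32_t)src[2] << 16 | (uint32_t)src[3] << 24;
}

/* Model of __syscall_common: on a negative return value, negate it,
 * store it at errno (mem[0..3]) with the given width, and return -1. */
static int64_t syscall_common(uint8_t *mem, int64_t x0, unsigned width)
{
    if (x0 >= 0)
        return x0;
    store_le(mem, (uint64_t)(-x0), width);
    return -1;
}

/* Constructed data layout: mem[0..3] is errno, mem[4..7] is a hypothetical
 * neighbouring variable preset to 0xdeadbeef. Runs one failing syscall
 * (return value -2) and reports errno and the neighbour afterwards. */
static uint32_t neighbour_after(unsigned width, uint32_t *errno_out)
{
    uint8_t mem[8] = {0};
    store_le(&mem[4], 0xdeadbeefu, 4);
    syscall_common(mem, -2, width);
    *errno_out = load_le32(&mem[0]);
    return load_le32(&mem[4]);
}

int main(void)
{
    uint32_t e, n;
    n = neighbour_after(8, &e);
    printf("str x0: errno=%u neighbour=0x%08x\n", e, n);
    n = neighbour_after(4, &e);
    printf("str w0: errno=%u neighbour=0x%08x\n", e, n);
    return 0;
}
```

With the 8-byte store the neighbour is overwritten with the zero upper half of the register, while errno reads back the same in both cases, which is why the corruption is easy to miss.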