sh: __copy_user function can corrupt the stack in case of exception
The __copy_user function can corrupt the stack in the case of a non-trivial length of data, and either of the first two move instructions cause an exception. This is because the fixup for these two instructions is mapped to the no_pop case, but these instructions execute after the stack is pushed. This change creates an explicit NO_POP exception mapping macro, and uses it for the two instructions executed in the trivial case where no stack pushes occur. More information at ST Linux bugzilla: https://bugzilla.stlinux.com/show_bug.cgi?id=4824 Signed-off-by: Dylan Reid <dylan_reid@bose.com> Signed-off-by: Stuart Menefy <stuart.menefy@st.com> Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Loading
Please register or sign in to comment