    parisc: Correct completer in lws start · 8f66fce0
    John David Anglin authored
    The completer in the "or,ev %r1,%r30,%r30" instruction is reversed, so we are
    not clipping the LWS number when we are called from a 32-bit process (W=0).
    We need to nullify the following depdi instruction when the least-significant
    bit of %r30 is 1.
    
    If the %r20 register is not clipped, a user process could perform a LWS call
    that would branch to an undefined location in the kernel and potentially crash
    the machine.
    Signed-off-by: John David Anglin <dave.anglin@bell.net>
    Cc: stable@vger.kernel.org # 4.19+
    Signed-off-by: Helge Deller <deller@gmx.de>
syscall.S 26 KB