diff options
| author | Patrick Williams <iawillia@us.ibm.com> | 2011-03-28 11:43:40 -0500 |
|---|---|---|
| committer | Patrick Williams <iawillia@us.ibm.com> | 2011-03-28 11:44:10 -0500 |
| commit | f70b0c4eea84748ab30b089daab19ebb8072fb94 (patch) | |
| tree | ef01e1ec9517c1f73d21f6e3f24f40be80d2e220 /src/lib | |
| parent | ee22bb572a701ba2e172d1f95a306f880e38c2cc (diff) | |
| download | talos-hostboot-f70b0c4eea84748ab30b089daab19ebb8072fb94.tar.gz talos-hostboot-f70b0c4eea84748ab30b089daab19ebb8072fb94.zip | |
Read task_create function pointer from user space for memory protection validation.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/syscall_task.C | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/lib/syscall_task.C b/src/lib/syscall_task.C index eedd78235..39530225b 100644 --- a/src/lib/syscall_task.C +++ b/src/lib/syscall_task.C @@ -16,6 +16,11 @@ void task_yield() tid_t task_create(void(*fn)(void*), void* ptr) { + // Verify we have (memory) permissions to load the function pointer so + // we don't load bad memory from kernel space. + register uint64_t function = (uint64_t) fn; + asm volatile("ld %0, 0(%1)" : "=b"(function) : "b" (function)); + return (tid_t)(uint64_t) _syscall2(TASK_START, (void*)fn, ptr); } |
