Check alignment of fp in unwind_frame

A misaligned frame pointer is certainly not a valid frame pointer and with strict alignment enabled (as on CHERI) can cause panics when it is loaded from later in the code. This is a recommit of 40e0fa10f58d90744c2857b57adf0ddbce1a1e1c with is_aligned() corrected to __is_aligned(). Reviewed By: jhb Differential Revision: https://reviews.freebsd.org/D34646
2022-11-16 18:29:28 +00:00 · 2022-11-16 18:29:28 +00:00 · 61b146ba43
commit 61b146ba43
parent 07853c6c9d
2 changed files with 4 additions and 2 deletions
--- a/sys/arm64/arm64/unwind.c
+++ b/sys/arm64/arm64/unwind.c
@ -41,7 +41,8 @@ unwind_frame(struct thread *td, struct unwind_state *frame)

 	fp = frame->fp;

-	if (!kstack_contains(td, fp, sizeof(uintptr_t) * 2))
+	if (!__is_aligned(fp, sizeof(fp)) ||
+	    !kstack_contains(td, fp, sizeof(fp) * 2))
 		return (false);

 	/* FP to previous frame (X29) */
--- a/sys/riscv/riscv/unwind.c
+++ b/sys/riscv/riscv/unwind.c
@ -47,7 +47,8 @@ unwind_frame(struct thread *td, struct unwind_state *frame)

 	fp = frame->fp;

-	if (!kstack_contains(td, fp - sizeof(fp) * 2, sizeof(fp) * 2))
+	if (!__is_aligned(fp, sizeof(fp)) ||
+	    !kstack_contains(td, fp - sizeof(fp) * 2, sizeof(fp) * 2))
 		return (false);

 	frame->sp = fp;