Restrict the arm64 supervisor all instructions to only allow a zero

immediate value for system calls. We may wish to use other values in the future for other purposes. MFC after: 1 week Sponsored by: DARPA, AFRL
2017-04-20 15:53:20 +00:00 · 2017-04-20 15:53:20 +00:00 · 52a680fb22
commit 52a680fb22
parent be4bf62684
1 changed files with 7 additions and 2 deletions
--- a/sys/arm64/arm64/trap.c
+++ b/sys/arm64/arm64/trap.c
@ -135,8 +135,13 @@ svc_handler(struct thread *td, struct trapframe *frame)
 	struct syscall_args sa;
 	int error;

-	error = syscallenter(td, &sa);
-	syscallret(td, error, &sa);
+	if ((frame->tf_esr & ESR_ELx_ISS_MASK) == 0) {
+		error = syscallenter(td, &sa);
+		syscallret(td, error, &sa);
+	} else {
+		call_trapsignal(td, SIGILL, ILL_ILLOPN, (void *)frame->tf_elr);
+		userret(td, frame);
+	}
 }

 static void