Chromium Code Reviews

Side by Side Diff: src/trusted/service_runtime/arch/x86_64/nacl_syscall_64.S

Issue 10829110: Fix two register leaks in the trusted->untrusted context switch (Closed) Base URL: svn://svn.chromium.org/native_client/trunk/src/native_client
Patch Set: Fix comment Created 8 years, 4 months ago
OLDNEW
1 /* 1 /*
2 * Copyright (c) 2012 The Native Client Authors. All rights reserved. 2 * Copyright (c) 2012 The Native Client Authors. All rights reserved.
3 * Use of this source code is governed by a BSD-style license that can be 3 * Use of this source code is governed by a BSD-style license that can be
4 * found in the LICENSE file. 4 * found in the LICENSE file.
5 */ 5 */
6 6
7 /* 7 /*
8 * The MacOS assembler has a macro facility that is pretty close 8 * The MacOS assembler has a macro facility that is pretty close
9 * to GNU as macros, but not quite the same. 9 * to GNU as macros, but not quite the same.
10 */ 10 */
(...skipping 196 matching lines...)
207 * 0x08 -0x10 rdx 207 * 0x08 -0x10 rdx
208 * 0x04 -0x14 rsi 208 * 0x04 -0x14 rsi
209 * 0x00 -0x18 rdi 209 * 0x00 -0x18 rdi
210 */ 210 */
211 211
212 DEFINE_GLOBAL_HIDDEN_IDENTIFIER(NaClGetTlsFastPath): 212 DEFINE_GLOBAL_HIDDEN_IDENTIFIER(NaClGetTlsFastPath):
213 get_tls 213 get_tls
214 leaq IDENTIFIER(nacl_tls)(%rip), %rdx 214 leaq IDENTIFIER(nacl_tls)(%rip), %rdx
215 leaq (%rdx,%rax,4), %rdx 215 leaq (%rdx,%rax,4), %rdx
216 movl 0x0(%rdx), %eax 216 movl 0x0(%rdx), %eax
217 xorl %edx, %edx /* do not leak nacl_tls[thread_id] address */
218 /* sandbox the return, straight off the untrusted stack */ 217 /* sandbox the return, straight off the untrusted stack */
219 movq 0x8(%rsp), %rcx 218 movq 0x8(%rsp), %rcx
220 addq $0x10, %rsp 219 addq $0x10, %rsp
221 addl $31, %ecx 220 addl $31, %ecx
222 andl $0xffffffe0, %ecx 221 andl $0xffffffe0, %ecx
223 addq %r15, %rcx 222 addq %r15, %rcx
223 /*
224 * Set %rdx to zero so that we do not leak nacl_tls[thread_id]
225 * address. This also resets flags. Resetting flags to fixed
226 * values by doing this last simplifies testing that we do not
227 * leak any information via flags.
228 */
229 xorl %edx, %edx
224 jmp *%rcx 230 jmp *%rcx
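Review bot: The comment at new lines 223-228 says the xorl resets flags to fixed values, but xor leaves AF architecturally undefined (CF and OF are cleared, and ZF, SF and PF follow the zero result), so the comment should say which flags are covered, and any test that compares flags after this path should mask AF. The fixed-flags property also now depends on ordering: nothing that writes flags may be added between `xorl %edx, %edx` and `jmp *%rcx`, which is worth stating in the comment as a constraint rather than only as a testing convenience. It may also help to note that the 32-bit xorl clears all of %rdx through zero-extension, since the comment speaks of %rdx while the instruction names %edx.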