[PATCH 1/2] powerpc/memcpy: Fix stack corruption for smaller sizes

Santosh Sivaraj santosh at fossix.org
Wed Sep 4 07:43:58 AEST 2019


For sizes less than 128 bytes, the code branches out early without saving
the stack frame, which when restored later drops the frame of the caller.

Tested-by: Aneesh Kumar K.V <aneesh.kumar at linux.ibm.com>
Signed-off-by: Santosh Sivaraj <santosh at fossix.org>
---
 arch/powerpc/lib/memcpy_mcsafe_64.S | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/powerpc/lib/memcpy_mcsafe_64.S b/arch/powerpc/lib/memcpy_mcsafe_64.S
index 949976dc115d..cb882d9a6d8a 100644
--- a/arch/powerpc/lib/memcpy_mcsafe_64.S
+++ b/arch/powerpc/lib/memcpy_mcsafe_64.S
@@ -84,7 +84,6 @@ err1;	stw	r0,0(r3)
 
 3:	sub	r5,r5,r6
 	cmpldi	r5,128
-	blt	5f
 
 	mflr	r0
 	stdu	r1,-STACKFRAMESIZE(r1)
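Review bot: with the "blt 5f" removed from directly below "cmpldi r5,128", the compare and the branch that consumes it are no longer adjacent, so cr0 has to stay intact across "mflr r0", "stdu r1,-STACKFRAMESIZE(r1)" and the register saves that follow. None of the instructions visible here write cr0, but nothing in the source says so. A one-line comment at the cmpldi stating that its result is used by the later "blt 5f" would keep someone from inserting a record-form or compare instruction in between and silently changing which path short copies take.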
@@ -99,6 +98,7 @@ err1;	stw	r0,0(r3)
 	std	r22,STK_REG(R22)(r1)
 	std	r0,STACKFRAMESIZE+16(r1)
 
+	blt	5f
 	srdi	r6,r5,7
 	mtctr	r6
 
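Review bot: placing "blt 5f" after "std r0,STACKFRAMESIZE+16(r1)" makes every copy under 128 bytes pay for the frame allocation, the LR save and the non-volatile register stores (r22 is visible in this hunk) before reaching the short path. The commit message explains the corruption but not why this was chosen over giving the short path an exit that does not pop a frame; a sentence on that trade-off would help, as would a comment above the moved branch saying the frame must already exist at label 5 because the exit path restores it. A Fixes: tag naming the commit that introduced the early branch is also missing.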
-- 
2.21.0


