powerpc/memcpy: Fix stack corruption for smaller sizes
author Santosh Sivaraj <santosh@fossix.org>
Tue, 3 Sep 2019 21:43:58 +0000 (03:13 +0530)
committer Michael Ellerman <mpe@ellerman.id.au>
Wed, 11 Sep 2019 23:27:00 +0000 (09:27 +1000)
For sizes less than 128 bytes, the code branches out early without saving
the stack frame, which when restored later drops the frame of the caller.

Tested-by: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
Signed-off-by: Santosh Sivaraj <santosh@fossix.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20190903214359.23887-1-santosh@fossix.org
arch/powerpc/lib/memcpy_mcsafe_64.S

index 949976dc115dcc5f8a929b0ed1810e7945d9fade..cb882d9a6d8a3d897c41edb54b6d2b68c93852a0 100644 (file)
@@ -84,7 +84,6 @@ err1; stw     r0,0(r3)
 
 3:     sub     r5,r5,r6
        cmpldi  r5,128
-       blt     5f
 
        mflr    r0
        stdu    r1,-STACKFRAMESIZE(r1)
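Review bot: The result of `cmpldi  r5,128` is now consumed far from the compare: with the `blt 5f` removed here, cr0 has to stay live across the whole frame setup until the branch is reissued further down. The instructions visible in this patch (`mflr`, `stdu`, `std`) do not write cr0, so the change is correct as shown, but nothing in the source marks the dependency. Consider moving the `cmpldi` down next to the relocated `blt`, or add a comment at the compare saying that cr0 is tested only after the register saves, so a later edit to the save sequence does not clobber it unnoticed.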
@@ -99,6 +98,7 @@ err1; stw     r0,0(r3)
        std     r22,STK_REG(R22)(r1)
        std     r0,STACKFRAMESIZE+16(r1)
 
+       blt     5f
        srdi    r6,r5,7
        mtctr   r6
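Review bot: The relocated `blt 5f` after `std r0,STACKFRAMESIZE+16(r1)` carries no comment explaining why it sits below the frame setup, and its placement looks like a missed optimisation: every copy under 128 bytes now pays for the `stdu` and the register saves before taking the short path. Per the commit message the frame has to exist because it is restored later, so a one-line comment above the branch stating that the path through 5: expects the stack frame to be set up would stop someone from hoisting the branch back up and reintroducing the corruption. A regression test that copies fewer than 128 bytes through this routine would also be worth mentioning in the changelog if one exists.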