arch/x86: push correct eip on the stack before lretq

Right now we use pushq, but it pushes sign-extended value, so if the parasite code is placed higher that 2Gb, we will see something like this: 0xf7efd5b0: pushq $0x23 0xf7efd5b2: pushq $0xfffffffff7efd5b9 => 0xf7efd5b7: lretq Actually we want to push 0xf7efd5b9 instead of 0xfffffffff7efd5b9. Fixes: #398 Cc: Dmitry Safonov <dima@arista.com> Cc: Cyrill Gorcunov <gorcunov@gmail.com> Signed-off-by: Andrei Vagin <avagin@gmail.com> Acked-by: Dmitry Safonov <0x7f454c46@gmail.com> Signed-off-by: Andrei Vagin <avagin@gmail.com>
2026-01-23 10:16:41 +00:00 · 2019-09-10 06:50:58 -07:00 · 2019-09-10 06:50:58 -07:00 · a9a760278c
commit a9a760278c
parent e03d4ff583
1 changed files with 3 additions and 1 deletions
--- a/compel/arch/x86/src/lib/include/uapi/asm/sigframe.h
+++ b/compel/arch/x86/src/lib/include/uapi/asm/sigframe.h
@ -194,7 +194,9 @@ void rt_sigframe_erase_sigset(struct rt_sigframe *sigframe)
 #define ARCH_RT_SIGRETURN_COMPAT(new_sp)				\
 	asm volatile(							\
 		"pushq $"__stringify(USER32_CS)"		\n"	\
-		"pushq $1f					\n"	\
+		"xor %%rax, %%rax				\n"	\
+		"movl $1f, %%eax				\n"	\
+		"pushq   %%rax					\n"	\
 		"lretq						\n"	\
 		"1:						\n"	\
 		".code32					\n"	\