diff options
author | Andy Lutomirski <luto@amacapital.net> | 2014-07-22 17:03:55 -0700 |
---|---|---|
committer | Andy Lutomirski <luto@amacapital.net> | 2014-07-22 17:03:55 -0700 |
commit | bc9adfa2e38fe4d86fe38f60b2a6bfa39ba4b385 (patch) | |
tree | 79b91e51721e45ce92bf0b8c820335cc6bc484a2 | |
parent | d0f136192de02b157c1195d92968e802e65a9b19 (diff) | |
download | misc-tests-bc9adfa2e38fe4d86fe38f60b2a6bfa39ba4b385.tar.gz |
sigreturn: Test a bogus non-LDT SS
This exercises the non-espfix64 bad iret path.
-rw-r--r-- | sigreturn.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/sigreturn.c b/sigreturn.c index 69132b7..4c2d0f6 100644 --- a/sigreturn.c +++ b/sigreturn.c @@ -303,14 +303,14 @@ static int do_test(int cs_bits, bool use_16bit_ss) return nerrs; } -static int test_bad_iret(int cs_bits) +static int test_bad_iret(int cs_bits, unsigned short ss) { int cs = find_cs(cs_bits); if (cs == -1) return 0; sig_cs = cs; - sig_ss = (2 << 3) | 7; + sig_ss = ss; printf("[RUN]\t%d-bit CS (%hx), bogus SS (%hx)\n", cs_bits, sig_cs, sig_ss); @@ -329,7 +329,9 @@ static int test_bad_iret(int cs_bits) int main() { int total_nerrs = 0; + unsigned short my_cs; + asm volatile ("mov %%cs,%0" : "=r" (my_cs)); setup_ldt(); stack_t stack = { @@ -352,9 +354,13 @@ int main() clearhandler(SIGTRAP); sethandler(SIGSEGV, sigtrap, SA_ONSTACK); - test_bad_iret(64); - test_bad_iret(32); - test_bad_iret(16); + test_bad_iret(64, (2 << 3) | 7); + test_bad_iret(32, (2 << 3) | 7); + test_bad_iret(16, (2 << 3) | 7); + + test_bad_iret(64, my_cs); + test_bad_iret(32, my_cs); + test_bad_iret(16, my_cs); return total_nerrs ? 1 : 0; } |