From owner-svn-src-stable-10@FreeBSD.ORG  Mon Dec 22 21:46:36 2014
Return-Path: <owner-svn-src-stable-10@FreeBSD.ORG>
Delivered-To: svn-src-stable-10@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 6CB86B4F;
 Mon, 22 Dec 2014 21:46:36 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 581EF328B;
 Mon, 22 Dec 2014 21:46:36 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id sBMLkaKZ081262;
 Mon, 22 Dec 2014 21:46:36 GMT (envelope-from jhb@FreeBSD.org)
Received: (from jhb@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id sBMLkaDB081261;
 Mon, 22 Dec 2014 21:46:36 GMT (envelope-from jhb@FreeBSD.org)
Message-Id: <201412222146.sBMLkaDB081261@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: jhb set sender to jhb@FreeBSD.org
 using -f
From: John Baldwin <jhb@FreeBSD.org>
Date: Mon, 22 Dec 2014 21:46:36 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org
Subject: svn commit: r276085 - stable/10/sys/i386/i386
X-SVN-Group: stable-10
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-stable-10@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for only the 10-stable src tree
 <svn-src-stable-10.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-stable-10>, 
 <mailto:svn-src-stable-10-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable-10/>
List-Post: <mailto:svn-src-stable-10@freebsd.org>
List-Help: <mailto:svn-src-stable-10-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10>, 
 <mailto:svn-src-stable-10-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Dec 2014 21:46:36 -0000

Author: jhb
Date: Mon Dec 22 21:46:35 2014
New Revision: 276085
URL: https://svnweb.freebsd.org/changeset/base/276085

Log:
  MFC 275035:
  MFamd64: Check for invalid flags in the machine context in sigreturn()
  and setcontext().

Modified:
  stable/10/sys/i386/i386/machdep.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/i386/i386/machdep.c
==============================================================================
--- stable/10/sys/i386/i386/machdep.c	Mon Dec 22 21:32:39 2014	(r276084)
+++ stable/10/sys/i386/i386/machdep.c	Mon Dec 22 21:46:35 2014	(r276085)
@@ -1043,6 +1043,11 @@ sys_sigreturn(td, uap)
 	if (error != 0)
 		return (error);
 	ucp = &uc;
+	if ((ucp->uc_mcontext.mc_flags & ~_MC_FLAG_MASK) != 0) {
+		uprintf("pid %d (%s): sigreturn mc_flags %x\n", p->p_pid,
+		    td->td_name, ucp->uc_mcontext.mc_flags);
+		return (EINVAL);
+	}
 	regs = td->td_frame;
 	eflags = ucp->uc_mcontext.mc_eflags;
 	if (eflags & PSL_VM) {
@@ -3540,7 +3545,8 @@ set_mcontext(struct thread *td, const mc
 	int eflags, ret;
 
 	tp = td->td_frame;
-	if (mcp->mc_len != sizeof(*mcp))
+	if (mcp->mc_len != sizeof(*mcp) ||
+	    (mcp->mc_flags & ~_MC_FLAG_MASK) != 0)
 		return (EINVAL);
 	eflags = (mcp->mc_eflags & PSL_USERCHANGE) |
 	    (tp->tf_eflags & ~PSL_USERCHANGE);