summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--sandbox/linux/seccomp/linux_syscall_support.h10
-rw-r--r--sandbox/linux/seccomp/sandbox.cc7
-rw-r--r--sandbox/linux/seccomp/trusted_thread.cc4
3 files changed, 14 insertions, 7 deletions
diff --git a/sandbox/linux/seccomp/linux_syscall_support.h b/sandbox/linux/seccomp/linux_syscall_support.h
index 0d2e529..ee1c657 100644
--- a/sandbox/linux/seccomp/linux_syscall_support.h
+++ b/sandbox/linux/seccomp/linux_syscall_support.h
@@ -1446,7 +1446,7 @@ struct kernel_statfs {
"int $0x80\n" \
"pop %%ebx" \
args \
- : "memory"); \
+ : "esp", "memory"); \
LSS_RETURN(type,__res)
#undef _syscall0
#define _syscall0(type,name) \
@@ -1503,7 +1503,7 @@ struct kernel_statfs {
: "i" (__NR_##name), "ri" ((long)(arg1)), \
"c" ((long)(arg2)), "d" ((long)(arg3)), \
"S" ((long)(arg4)), "D" ((long)(arg5)) \
- : "memory"); \
+ : "esp", "memory"); \
LSS_RETURN(type,__res); \
}
#undef _syscall6
@@ -1525,7 +1525,7 @@ struct kernel_statfs {
: "i" (__NR_##name), "0" ((long)(&__s)), \
"c" ((long)(arg2)), "d" ((long)(arg3)), \
"S" ((long)(arg4)), "D" ((long)(arg5)) \
- : "memory"); \
+ : "esp", "memory"); \
LSS_RETURN(type,__res); \
}
LSS_INLINE int LSS_NAME(clone)(int (*fn)(void *), void *child_stack,
@@ -1611,7 +1611,7 @@ struct kernel_statfs {
: "0"(-EINVAL), "i"(__NR_clone),
"m"(fn), "m"(child_stack), "m"(flags), "m"(arg),
"m"(parent_tidptr), "m"(newtls), "m"(child_tidptr)
- : "memory", "ecx", "edx", "esi", "edi");
+ : "esp", "memory", "ecx", "edx", "esi", "edi");
LSS_RETURN(int, __res);
}
@@ -1820,7 +1820,7 @@ struct kernel_statfs {
: "0"(-EINVAL), "i"(__NR_clone), "i"(__NR_exit),
"r"(fn), "S"(child_stack), "D"(flags), "r"(arg),
"d"(parent_tidptr), "r"(__tls), "r"(__ctid)
- : "memory", "r11", "rcx");
+ : "rsp", "memory", "r11", "rcx");
}
LSS_RETURN(int, __res);
}
diff --git a/sandbox/linux/seccomp/sandbox.cc b/sandbox/linux/seccomp/sandbox.cc
index 810f295..1da17d3 100644
--- a/sandbox/linux/seccomp/sandbox.cc
+++ b/sandbox/linux/seccomp/sandbox.cc
@@ -329,6 +329,13 @@ void (*Sandbox::segv())(int signo) {
".popsection\n"
"999:pop %0\n"
: "=g"(fnc)
+ :
+ : "memory"
+#if defined(__x86_64__)
+ , "rsp"
+#elif defined(__i386__)
+ , "esp"
+#endif
);
return fnc;
}
diff --git a/sandbox/linux/seccomp/trusted_thread.cc b/sandbox/linux/seccomp/trusted_thread.cc
index 25797cc..6edc05d 100644
--- a/sandbox/linux/seccomp/trusted_thread.cc
+++ b/sandbox/linux/seccomp/trusted_thread.cc
@@ -586,7 +586,7 @@ void Sandbox::createTrustedThread(int processFdPub, int cloneFdPub,
:
: "g"(&args)
: "rax", "rcx", "rdx", "rdi", "rsi", "r8", "r9", "r10", "r11", "r12",
- "r13", "r14", "r15"
+ "r13", "r14", "r15", "rsp", "memory"
#elif defined(__i386__)
struct user_desc u;
u.entry_number = (typeof u.entry_number)-1;
@@ -1197,7 +1197,7 @@ void Sandbox::createTrustedThread(int processFdPub, int cloneFdPub,
"pop %%ebx\n"
:
: "g"(&args)
- : "eax", "ecx", "edx", "edi", "esi"
+ : "eax", "ecx", "edx", "edi", "esi", "esp", "memory"
#else
#error Unsupported target platform
#endif