[Bug] riscv64架构下的arch_signal_quit 的实现存在风险

### RT-Thread Version

ece19e9

### Hardware Type/Architectures

riscv64 qemu

### Develop Toolchain

GCC

### Describe the bug

components/lwp/arch/risc-v/rv64/lwp_gcc.S 中的arch_signal_quit中将内核栈中的地址保存到用户栈中，之后又从用户栈中的保存值恢复sp，在多核环境下，如果另外一个核心运行的其他线程（属于同一进程）通过修改当前线程用户栈里保存的内核栈地址，可能导致内核崩溃，需要考虑该函数更安全的实现方案。

```
arch_signal_quit:
    LOAD a0, FRAME_OFF_SP(sp)
    addi a1, sp, CTX_REG_NR * REGBYTES
    call arch_signal_ucontext_restore

    /* reset kernel sp to the stack */
    addi sp, sp, CTX_REG_NR * REGBYTES
    STORE sp, FRAME_OFF_SP(a0)
    /* return value is user sp */
    mv sp, a0

    /* restore user sp before enter trap */
    addi a0, sp, CTX_REG_NR * REGBYTES
    csrw sscratch, a0


    RESTORE_ALL
    SAVE_ALL
    j arch_ret_to_user
```

### Other additional context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Bug] riscv64架构下的arch_signal_quit 的实现存在风险 #10526

RT-Thread Version

Hardware Type/Architectures

Develop Toolchain

Describe the bug

Other additional context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Bug] riscv64架构下的arch_signal_quit 的实现存在风险 #10526

Description

RT-Thread Version

Hardware Type/Architectures

Develop Toolchain

Describe the bug

Other additional context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions