From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Sven Schnelle <svens@stackframe.org>,
Helge Deller <deller@gmx.de>
Subject: [PATCH 5.15 15/20] parisc/entry: fix trace test in syscall exit path
Date: Fri, 19 Nov 2021 18:39:33 +0100 [thread overview]
Message-ID: <20211119171445.150467764@linuxfoundation.org> (raw)
In-Reply-To: <20211119171444.640508836@linuxfoundation.org>
From: Sven Schnelle <svens@stackframe.org>
commit 3ec18fc7831e7d79e2d536dd1f3bc0d3ba425e8a upstream.
commit 8779e05ba8aa ("parisc: Fix ptrace check on syscall return")
fixed testing of TI_FLAGS. This uncovered a bug in the test mask.
syscall_restore_rfi is only used when the kernel needs to exit to
usespace with single or block stepping and the recovery counter
enabled. The test however used _TIF_SYSCALL_TRACE_MASK, which
includes a lot of bits that shouldn't be tested here.
Fix this by using TIF_SINGLESTEP and TIF_BLOCKSTEP directly.
I encountered this bug by enabling syscall tracepoints. Both in qemu and
on real hardware. As soon as i enabled the tracepoint (sys_exit_read,
but i guess it doesn't really matter which one), i got random page
faults in userspace almost immediately.
Signed-off-by: Sven Schnelle <svens@stackframe.org>
Signed-off-by: Helge Deller <deller@gmx.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/parisc/kernel/entry.S | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/parisc/kernel/entry.S
+++ b/arch/parisc/kernel/entry.S
@@ -1835,7 +1835,7 @@ syscall_restore:
/* Are we being ptraced? */
LDREG TI_FLAGS-THREAD_SZ_ALGN-FRAME_SIZE(%r30),%r19
- ldi _TIF_SYSCALL_TRACE_MASK,%r2
+ ldi _TIF_SINGLESTEP|_TIF_BLOCKSTEP,%r2
and,COND(=) %r19,%r2,%r0
b,n syscall_restore_rfi
next prev parent reply other threads:[~2021-11-19 17:40 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-19 17:39 [PATCH 5.15 00/20] 5.15.4-rc1 review Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 01/20] string: uninline memcpy_and_pad Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 02/20] Revert "drm: fb_helper: improve CONFIG_FB dependency" Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 03/20] Revert "drm: fb_helper: fix " Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 04/20] KVM: Fix steal time asm constraints Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 05/20] btrfs: introduce btrfs_is_data_reloc_root Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 06/20] btrfs: zoned: add a dedicated data relocation block group Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 07/20] btrfs: zoned: only allow one process to add pages to a relocation inode Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 08/20] btrfs: zoned: use regular writes for relocation Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 09/20] btrfs: check for relocation inodes on zoned btrfs in should_nocow Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 10/20] btrfs: zoned: allow preallocation for relocation inodes Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 11/20] fortify: Explicitly disable Clang support Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 12/20] block: Add a helper to validate the block size Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 13/20] loop: Use blk_validate_block_size() to validate " Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 14/20] Bluetooth: btusb: Add support for TP-Link UB500 Adapter Greg Kroah-Hartman
2021-11-19 17:39 ` Greg Kroah-Hartman [this message]
2021-11-19 17:39 ` [PATCH 5.15 16/20] PCI/MSI: Deal with devices lying about their MSI mask capability Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 17/20] PCI: Add MSI masking quirk for Nvidia ION AHCI Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 18/20] perf/core: Avoid put_page() when GUP fails Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 19/20] thermal: Fix NULL pointer dereferences in of_thermal_ functions Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 20/20] Revert "ACPI: scan: Release PM resources blocked by unused objects" Greg Kroah-Hartman
2021-11-19 19:15 ` [PATCH 5.15 00/20] 5.15.4-rc1 review Florian Fainelli
2021-11-19 21:53 ` Fox Chen
2021-11-19 23:17 ` Shuah Khan
2021-11-20 4:28 ` Daniel Díaz
2021-11-20 8:16 ` Rudi Heitbaum
2021-11-20 16:53 ` Guenter Roeck
2021-11-20 17:40 ` Scott Bruce
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211119171445.150467764@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=deller@gmx.de \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=svens@stackframe.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.