From: madvenka@linux.microsoft.com
To: broonie@kernel.org, mark.rutland@arm.com, jpoimboe@redhat.com,
	ardb@kernel.org, nobuta.keiya@fujitsu.com,
	sjitindarsingh@gmail.com, catalin.marinas@arm.com,
	will@kernel.org, jamorris@linux.microsoft.com,
	linux-arm-kernel@lists.infradead.org,
	live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
	madvenka@linux.microsoft.com
Subject: [PATCH v15 3/6] arm64: Make the unwind loop in unwind() similar to other architectures
Date: Fri, 17 Jun 2022 16:07:14 -0500	[thread overview]
Message-ID: <20220617210717.27126-4-madvenka@linux.microsoft.com> (raw)
In-Reply-To: <20220617210717.27126-1-madvenka@linux.microsoft.com>

From: "Madhavan T. Venkataraman" <madvenka@linux.microsoft.com>

Change the loop in unwind()
===========================

Change the unwind loop in unwind() to:

	while (unwind_continue(state, consume_entry, cookie))
		unwind_next(state);

This is easy to understand and maintain.

New function unwind_continue()
==============================

Define a new function unwind_continue() that is used in the unwind loop
to check for conditions that terminate a stack trace.

The conditions checked are:

	- If the bottom of the stack (final frame) has been reached,
	  terminate.

	- If the consume_entry() function returns false, the caller of
	  unwind has asked to terminate the stack trace. So, terminate.

	- If unwind_next() failed for some reason (like stack corruption),
	  terminate.

Do not return an error value from unwind_next()
===============================================

We want to check for terminating conditions only in unwind_continue() from
the unwinder loop. So, do not return an error value from unwind_next().
Simply set a flag in unwind_state and check the flag in unwind_continue().

Final FP
========

Introduce a new field "final_fp" in "struct unwind_state". Initialize this
to the final frame of the stack trace:

	task_pt_regs(task)->stackframe

This is where the stacktrace must terminate if it is successful. Add an
explicit comment to that effect.

Signed-off-by: Madhavan T. Venkataraman <madvenka@linux.microsoft.com>
Reviewed-by: Mark Brown <broonie@kernel.org>
---
 arch/arm64/kernel/stacktrace.c | 78 ++++++++++++++++++++++------------
 1 file changed, 52 insertions(+), 26 deletions(-)

diff --git a/arch/arm64/kernel/stacktrace.c b/arch/arm64/kernel/stacktrace.c
index 8e43444d50e2..c749129aba5a 100644
--- a/arch/arm64/kernel/stacktrace.c
+++ b/arch/arm64/kernel/stacktrace.c
@@ -40,6 +40,10 @@
  *               value.
  *
  * @task:        The task being unwound.
+ *
+ * @final_fp:	 Pointer to the final frame.
+ *
+ * @failed:      Unwind failed.
  */
 struct unwind_state {
 	unsigned long fp;
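Review bot: The kernel-doc added for @final_fp calls it "Pointer to the final frame", but the field is declared as `unsigned long` and unwind_init_common stores a cast address into it, so the description should say what the value is and how it is used: `@final_fp:    Address of the final frame record; the trace terminates when fp reaches it.` The entry also uses a tab after `@final_fp:` where the neighbouring entries align with spaces, which shows up as a misaligned column in the rendered comment. The @failed line could likewise be one shade more specific, e.g. `@failed:      Set when unwinding hit a corrupt/untrusted frame; no further PC is consumed.`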
@@ -51,6 +55,8 @@ struct unwind_state {
 	struct llist_node *kr_cur;
 #endif
 	struct task_struct *task;
+	unsigned long final_fp;
+	bool failed;
 };
 
 static void unwind_init_common(struct unwind_state *state,
@@ -73,6 +79,10 @@ static void unwind_init_common(struct unwind_state *state,
 	bitmap_zero(state->stacks_done, __NR_STACK_TYPES);
 	state->prev_fp = 0;
 	state->prev_type = STACK_TYPE_UNKNOWN;
+	state->failed = false;
+
+	/* Stack trace terminates here. */
+	state->final_fp = (unsigned long)task_pt_regs(task)->stackframe;
 }
 
 /*
@@ -126,6 +136,25 @@ static inline void unwind_init_from_task(struct unwind_state *state,
 	state->pc = thread_saved_pc(task);
 }
 
+static bool notrace unwind_continue(struct unwind_state *state,
+				    stack_trace_consume_fn consume_entry,
+				    void *cookie)
+{
+	if (state->failed) {
+		/* PC is suspect. Cannot consume it. */
+		return false;
+	}
+
+	if (!consume_entry(cookie, state->pc)) {
+		/* Caller terminated the unwind. */
+		state->failed = true;
+		return false;
+	}
+
+	return state->fp != state->final_fp;
+}
+NOKPROBE_SYMBOL(unwind_continue);
+
 /*
  * Unwind from one frame record (A) to the next frame record (B).
  *
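Review bot: In unwind_continue(), the branch where consume_entry() returns false sets `state->failed = true`, which records a deliberate stop by the caller under the same flag as a corrupt frame record. Within this patch that is harmless, since only unwind_continue() reads the flag, but if a later patch in this series uses `failed` to judge whether a trace is reliable, a trace the caller truncated on purpose would be reported as corrupt. Either leave the flag untouched on that branch (`/* Caller terminated the unwind. */ return false;`) or expand the comment to say why a caller stop must poison the state, e.g. `/* Caller terminated the unwind; mark the state so no further PC is consumed. */`.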
@@ -133,24 +162,26 @@ static inline void unwind_init_from_task(struct unwind_state *state,
  * records (e.g. a cycle), determined based on the location and fp value of A
  * and the location (but not the fp value) of B.
  */
-static int notrace unwind_next(struct unwind_state *state)
+static void notrace unwind_next(struct unwind_state *state)
 {
 	struct task_struct *tsk = state->task;
 	unsigned long fp = state->fp;
 	struct stack_info info;
 
-	/* Final frame; nothing to unwind */
-	if (fp == (unsigned long)task_pt_regs(tsk)->stackframe)
-		return -ENOENT;
-
-	if (fp & 0x7)
-		return -EINVAL;
+	if (fp & 0x7) {
+		state->failed = true;
+		return;
+	}
 
-	if (!on_accessible_stack(tsk, fp, 16, &info))
-		return -EINVAL;
+	if (!on_accessible_stack(tsk, fp, 16, &info)) {
+		state->failed = true;
+		return;
+	}
 
-	if (test_bit(info.type, state->stacks_done))
-		return -EINVAL;
+	if (test_bit(info.type, state->stacks_done)) {
+		state->failed = true;
+		return;
+	}
 
 	/*
 	 * As stacks grow downward, any valid record on the same stack must be
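Review bot: With the final-frame test removed from unwind_next(), the function now depends on its caller having already compared fp against state->final_fp; nothing in the body states that precondition, and a future direct caller would attempt to unwind past the pt_regs stackframe. A short comment at the top of the body would pin it down: `/* The caller has already checked that fp is not the final frame (state->final_fp); unwinding past it is not attempted here. */`. The same point applies to the later hunks of this function, whose body continues outside this hunk.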
@@ -166,8 +197,10 @@ static int notrace unwind_next(struct unwind_state *state)
 	 * stack.
 	 */
 	if (info.type == state->prev_type) {
-		if (fp <= state->prev_fp)
-			return -EINVAL;
+		if (fp <= state->prev_fp) {
+			state->failed = true;
+			return;
+		}
 	} else {
 		set_bit(state->prev_type, state->stacks_done);
 	}
@@ -195,8 +228,10 @@ static int notrace unwind_next(struct unwind_state *state)
 		 */
 		orig_pc = ftrace_graph_ret_addr(tsk, NULL, state->pc,
 						(void *)state->fp);
-		if (WARN_ON_ONCE(state->pc == orig_pc))
-			return -EINVAL;
+		if (WARN_ON_ONCE(state->pc == orig_pc)) {
+			state->failed = true;
+			return;
+		}
 		state->pc = orig_pc;
 	}
 #endif /* CONFIG_FUNCTION_GRAPH_TRACER */
@@ -204,23 +239,14 @@ static int notrace unwind_next(struct unwind_state *state)
 	if (is_kretprobe_trampoline(state->pc))
 		state->pc = kretprobe_find_ret_addr(tsk, (void *)state->fp, &state->kr_cur);
 #endif
-
-	return 0;
 }
 NOKPROBE_SYMBOL(unwind_next);
 
 static void notrace unwind(struct unwind_state *state,
 			   stack_trace_consume_fn consume_entry, void *cookie)
 {
-	while (1) {
-		int ret;
-
-		if (!consume_entry(cookie, state->pc))
-			break;
-		ret = unwind_next(state);
-		if (ret < 0)
-			break;
-	}
+	while (unwind_continue(state, consume_entry, cookie))
+		unwind_next(state);
 }
 NOKPROBE_SYMBOL(unwind);
 
-- 
2.25.1


