* [PATCH -tip urgent] x86/unwind/orc: Fix error handling in __unwind_start()
@ 2020-05-14 20:31 Josh Poimboeuf
  2020-05-15  9:03 ` Miroslav Benes
  2020-05-15 17:17 ` [tip: objtool/urgent] " tip-bot2 for Josh Poimboeuf
  0 siblings, 2 replies; 3+ messages in thread
From: Josh Poimboeuf @ 2020-05-14 20:31 UTC (permalink / raw)
  To: x86
  Cc: linux-kernel, Peter Zijlstra, Vince Weaver, Dave Jones,
	Jann Horn, Miroslav Benes, Andy Lutomirski, Thomas Gleixner,
	Pavel Machek

The unwind_state 'error' field is used to inform the reliable unwinding
code that the stack trace can't be trusted.  Set this field for all
errors in __unwind_start().

Also, move the zeroing out of the unwind_state struct to before the ORC
table initialization check, to prevent the caller from reading
uninitialized data if the ORC table is corrupted.

Fixes: af085d9084b4 ("stacktrace/x86: add function for detecting reliable stack traces")
Fixes: d3a09104018c ("x86/unwinder/orc: Dont bail on stack overflow")
Fixes: 98d0c8ebf77e ("x86/unwind/orc: Prevent unwinding before ORC initialization")
Reported-by: Pavel Machek <pavel@denx.de>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
---
 arch/x86/kernel/unwind_orc.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/arch/x86/kernel/unwind_orc.c b/arch/x86/kernel/unwind_orc.c
index 5b0bd8581fe6..fa79e4227d3d 100644
--- a/arch/x86/kernel/unwind_orc.c
+++ b/arch/x86/kernel/unwind_orc.c
@@ -617,23 +617,23 @@ EXPORT_SYMBOL_GPL(unwind_next_frame);
 void __unwind_start(struct unwind_state *state, struct task_struct *task,
 		    struct pt_regs *regs, unsigned long *first_frame)
 {
-	if (!orc_init)
-		goto done;
-
 	memset(state, 0, sizeof(*state));
 	state->task = task;
 
+	if (!orc_init)
+		goto err;
+
 	/*
 	 * Refuse to unwind the stack of a task while it's executing on another
 	 * CPU.  This check is racy, but that's ok: the unwinder has other
 	 * checks to prevent it from going off the rails.
 	 */
 	if (task_on_another_cpu(task))
-		goto done;
+		goto err;
 
 	if (regs) {
 		if (user_mode(regs))
-			goto done;
+			goto the_end;
 
 		state->ip = regs->ip;
 		state->sp = regs->sp;
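Review bot: the `user_mode(regs)` branch now jumps to `the_end` rather than `err`, so a user-mode entry reports STACK_TYPE_UNKNOWN with `error` left false (zeroed by the memset above). That asymmetry looks deliberate, since reaching the user/kernel boundary is the legitimate end of a kernel stack walk rather than a corrupted trace, but nothing in the hunk says so; a one-line comment on that `goto the_end` ("not an error: nothing to unwind in user mode") would stop the next reader from assuming a `goto err` was missed. Moving the `memset()` ahead of the `orc_init` check is the right fix for the uninitialized-read described in the changelog: both early-exit paths now hand the caller a fully zeroed state with only `task`, `error` and `stack_info.type` set.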
@@ -666,6 +666,7 @@ void __unwind_start(struct unwind_state *state, struct task_struct *task,
 		 * generate some kind of backtrace if this happens.
 		 */
 		void *next_page = (void *)PAGE_ALIGN((unsigned long)state->sp);
+		state->error = true;
 		if (get_stack_info(next_page, state->task, &state->stack_info,
 				   &state->stack_mask))
 			return;
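Review bot: `state->error = true` is set unconditionally before `get_stack_info()`, so the flag survives both the early `return` on failure and the case where the call succeeds and unwinding continues from the next page. That matches the intent (a trace recovered after a stack overflow is best-effort and must not be reported as reliable), and the comment above, which only promises to "generate some kind of backtrace", could say explicitly that the result is marked unreliable. Note also that the failure `return` bypasses `the_end`, so `stack_info.type` is not set to STACK_TYPE_UNKNOWN here; this is fine only if `get_stack_info()` guarantees that on failure, otherwise a `goto the_end` would be safer than relying on the callee.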
@@ -691,8 +692,9 @@ void __unwind_start(struct unwind_state *state, struct task_struct *task,
 
 	return;
 
-done:
+err:
+	state->error = true;
+the_end:
 	state->stack_info.type = STACK_TYPE_UNKNOWN;
-	return;
 }
 EXPORT_SYMBOL_GPL(__unwind_start);
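Review bot: the label split is clean: `err:` sets `state->error` and falls through into `the_end:`, so every bail-out path ends with `stack_info.type = STACK_TYPE_UNKNOWN` and callers polling `unwind_done()` behave as before, while only the genuine error paths trip the reliability flag. Dropping the trailing `return;` before the closing brace is a welcome style cleanup. A short comment at `the_end:` noting that it is reached both from `err:` and directly from the user-mode exit would document the two-label structure for whoever touches this function next.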
-- 
2.21.1



* Re: [PATCH -tip urgent] x86/unwind/orc: Fix error handling in __unwind_start()
  2020-05-14 20:31 [PATCH -tip urgent] x86/unwind/orc: Fix error handling in __unwind_start() Josh Poimboeuf
@ 2020-05-15  9:03 ` Miroslav Benes
  2020-05-15 17:17 ` [tip: objtool/urgent] " tip-bot2 for Josh Poimboeuf
  1 sibling, 0 replies; 3+ messages in thread
From: Miroslav Benes @ 2020-05-15  9:03 UTC (permalink / raw)
  To: Josh Poimboeuf
  Cc: x86, linux-kernel, Peter Zijlstra, Vince Weaver, Dave Jones,
	Jann Horn, Andy Lutomirski, Thomas Gleixner, Pavel Machek

On Thu, 14 May 2020, Josh Poimboeuf wrote:

> The unwind_state 'error' field is used to inform the reliable unwinding
> code that the stack trace can't be trusted.  Set this field for all
> errors in __unwind_start().
> 
> Also, move the zeroing out of the unwind_state struct to before the ORC
> table initialization check, to prevent the caller from reading
> uninitialized data if the ORC table is corrupted.
> 
> Fixes: af085d9084b4 ("stacktrace/x86: add function for detecting reliable stack traces")
> Fixes: d3a09104018c ("x86/unwinder/orc: Dont bail on stack overflow")
> Fixes: 98d0c8ebf77e ("x86/unwind/orc: Prevent unwinding before ORC initialization")
> Reported-by: Pavel Machek <pavel@denx.de>
> Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>

Reviewed-by: Miroslav Benes <mbenes@suse.cz>

M


* [tip: objtool/urgent] x86/unwind/orc: Fix error handling in __unwind_start()
  2020-05-14 20:31 [PATCH -tip urgent] x86/unwind/orc: Fix error handling in __unwind_start() Josh Poimboeuf
  2020-05-15  9:03 ` Miroslav Benes
@ 2020-05-15 17:17 ` tip-bot2 for Josh Poimboeuf
  1 sibling, 0 replies; 3+ messages in thread
From: tip-bot2 for Josh Poimboeuf @ 2020-05-15 17:17 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: Pavel Machek, Josh Poimboeuf, Peter Zijlstra (Intel), x86, LKML

The following commit has been merged into the objtool/urgent branch of tip:

Commit-ID:     71c95825289f585014fe9741b051d32a7a916680
Gitweb:        https://git.kernel.org/tip/71c95825289f585014fe9741b051d32a7a916680
Author:        Josh Poimboeuf <jpoimboe@redhat.com>
AuthorDate:    Thu, 14 May 2020 15:31:10 -05:00
Committer:     Peter Zijlstra <peterz@infradead.org>
CommitterDate: Fri, 15 May 2020 10:35:08 +02:00

x86/unwind/orc: Fix error handling in __unwind_start()

The unwind_state 'error' field is used to inform the reliable unwinding
code that the stack trace can't be trusted.  Set this field for all
errors in __unwind_start().

Also, move the zeroing out of the unwind_state struct to before the ORC
table initialization check, to prevent the caller from reading
uninitialized data if the ORC table is corrupted.

Fixes: af085d9084b4 ("stacktrace/x86: add function for detecting reliable stack traces")
Fixes: d3a09104018c ("x86/unwinder/orc: Dont bail on stack overflow")
Fixes: 98d0c8ebf77e ("x86/unwind/orc: Prevent unwinding before ORC initialization")
Reported-by: Pavel Machek <pavel@denx.de>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/d6ac7215a84ca92b895fdd2e1aa546729417e6e6.1589487277.git.jpoimboe@redhat.com
---
 arch/x86/kernel/unwind_orc.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/arch/x86/kernel/unwind_orc.c b/arch/x86/kernel/unwind_orc.c
index 5b0bd85..fa79e42 100644
--- a/arch/x86/kernel/unwind_orc.c
+++ b/arch/x86/kernel/unwind_orc.c
@@ -617,23 +617,23 @@ EXPORT_SYMBOL_GPL(unwind_next_frame);
 void __unwind_start(struct unwind_state *state, struct task_struct *task,
 		    struct pt_regs *regs, unsigned long *first_frame)
 {
-	if (!orc_init)
-		goto done;
-
 	memset(state, 0, sizeof(*state));
 	state->task = task;
 
+	if (!orc_init)
+		goto err;
+
 	/*
 	 * Refuse to unwind the stack of a task while it's executing on another
 	 * CPU.  This check is racy, but that's ok: the unwinder has other
 	 * checks to prevent it from going off the rails.
 	 */
 	if (task_on_another_cpu(task))
-		goto done;
+		goto err;
 
 	if (regs) {
 		if (user_mode(regs))
-			goto done;
+			goto the_end;
 
 		state->ip = regs->ip;
 		state->sp = regs->sp;
@@ -666,6 +666,7 @@ void __unwind_start(struct unwind_state *state, struct task_struct *task,
 		 * generate some kind of backtrace if this happens.
 		 */
 		void *next_page = (void *)PAGE_ALIGN((unsigned long)state->sp);
+		state->error = true;
 		if (get_stack_info(next_page, state->task, &state->stack_info,
 				   &state->stack_mask))
 			return;
@@ -691,8 +692,9 @@ void __unwind_start(struct unwind_state *state, struct task_struct *task,
 
 	return;
 
-done:
+err:
+	state->error = true;
+the_end:
 	state->stack_info.type = STACK_TYPE_UNKNOWN;
-	return;
 }
 EXPORT_SYMBOL_GPL(__unwind_start);

