* [PATCH] powerpc/perf: Fix kernel address leaks via Sampling registers
@ 2018-03-04 12:15 Madhavan Srinivasan
2018-03-06 15:06 ` kbuild test robot
0 siblings, 1 reply; 3+ messages in thread
From: Madhavan Srinivasan @ 2018-03-04 12:15 UTC (permalink / raw)
To: mpe; +Cc: linuxppc-dev, Madhavan Srinivasan
From: Michael Ellerman <mpe@ellerman.id.au>
Current code in power_pmu_disable() does not clear the sampling
registers like Sampling Instruction Address Register (SAIR) and
Sampling Data Address Register (SDAR) after disabling the PMU.
Since these are userspace readable and could contain kernel
address, add code to explicitly clear the content of these registers.
Patch also adds a "context synchronizing instruction" to enforce
no further updates to these registers as mandated by PowerISA.
"If an mtspr instruction is executed that changes the
value of a Performance Monitor register other than
SIAR, SDAR, and SIER, the change is not guaranteed
to have taken effect until after a subsequent context
synchronizing instruction has been executed (see
Chapter 11. "Synchronization Requirements for Con-
text Alterations" on page 1133)."
Tested-by: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>
Reviewed-by: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>
Signed-off-by: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>
---
arch/powerpc/perf/core-book3s.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/arch/powerpc/perf/core-book3s.c b/arch/powerpc/perf/core-book3s.c
index 73f997b84d19..e8754243f3cb 100644
--- a/arch/powerpc/perf/core-book3s.c
+++ b/arch/powerpc/perf/core-book3s.c
@@ -1235,6 +1235,7 @@ static void power_pmu_disable(struct pmu *pmu)
*/
write_mmcr0(cpuhw, val);
mb();
+ isync();
/*
* Disable instruction sampling if it was enabled
@@ -1243,12 +1244,22 @@ static void power_pmu_disable(struct pmu *pmu)
mtspr(SPRN_MMCRA,
cpuhw->mmcr[2] & ~MMCRA_SAMPLE_ENABLE);
mb();
+ isync();
}
cpuhw->disabled = 1;
cpuhw->n_added = 0;
ebb_switch_out(mmcr0);
+
+ /*
+ * These are readable by userspace, may contain kernel
+ * addresses and are not switched by context switch, so clear
+ * them now to avoid leaking anything to userspace in general
+ * including to another process.
+ */
+ mtspr(SPRN_SDAR, 0);
+ mtspr(SPRN_SIAR, 0);
}
local_irq_restore(flags);
--
2.7.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] powerpc/perf: Fix kernel address leaks via Sampling registers
2018-03-04 12:15 [PATCH] powerpc/perf: Fix kernel address leaks via Sampling registers Madhavan Srinivasan
@ 2018-03-06 15:06 ` kbuild test robot
2018-03-07 4:56 ` Madhavan Srinivasan
0 siblings, 1 reply; 3+ messages in thread
From: kbuild test robot @ 2018-03-06 15:06 UTC (permalink / raw)
To: Madhavan Srinivasan; +Cc: kbuild-all, mpe, Madhavan Srinivasan, linuxppc-dev
[-- Attachment #1: Type: text/plain, Size: 1009 bytes --]
Hi Michael,
I love your patch! Yet something to improve:
[auto build test ERROR on v4.16-rc1]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Madhavan-Srinivasan/powerpc-perf-Fix-kernel-address-leaks-via-Sampling-registers/20180306-041036
config: powerpc-pmac32_defconfig (attached as .config)
compiler: powerpc-linux-gnu-gcc (Debian 7.2.0-11) 7.2.0
reproduce:
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# save the attached .config to linux build tree
make.cross ARCH=powerpc
All errors (new ones prefixed by >>):
{standard input}: Assembler messages:
>> {standard input}:2476: Error: unsupported relocation against SPRN_SDAR
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 23336 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] powerpc/perf: Fix kernel address leaks via Sampling registers
2018-03-06 15:06 ` kbuild test robot
@ 2018-03-07 4:56 ` Madhavan Srinivasan
0 siblings, 0 replies; 3+ messages in thread
From: Madhavan Srinivasan @ 2018-03-07 4:56 UTC (permalink / raw)
Cc: mpe, linuxppc-dev
On Tuesday 06 March 2018 08:36 PM, kbuild test robot wrote:
> Hi Michael,
>
> I love your patch! Yet something to improve:
>
> [auto build test ERROR on v4.16-rc1]
> [if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
>
> url: https://github.com/0day-ci/linux/commits/Madhavan-Srinivasan/powerpc-perf-Fix-kernel-address-leaks-via-Sampling-registers/20180306-041036
> config: powerpc-pmac32_defconfig (attached as .config)
> compiler: powerpc-linux-gnu-gcc (Debian 7.2.0-11) 7.2.0
> reproduce:
> wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
> chmod +x ~/bin/make.cross
> # save the attached .config to linux build tree
> make.cross ARCH=powerpc
My bad should have added the ppmu->flag or config check to avoid this
in 32bit case. Will respin it.
Maddy
> All errors (new ones prefixed by >>):
>
> {standard input}: Assembler messages:
>>> {standard input}:2476: Error: unsupported relocation against SPRN_SDAR
> ---
> 0-DAY kernel test infrastructure Open Source Technology Center
> https://lists.01.org/pipermail/kbuild-all Intel Corporation
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-03-07 4:56 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-03-04 12:15 [PATCH] powerpc/perf: Fix kernel address leaks via Sampling registers Madhavan Srinivasan
2018-03-06 15:06 ` kbuild test robot
2018-03-07 4:56 ` Madhavan Srinivasan
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).