From: tip-bot for Mitsuo Hayasaka <mitsuo.hayasaka.hu@hitachi.com>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, hpa@zytor.com, mingo@redhat.com,
rdunlap@xenotime.net, tglx@linutronix.de, mingo@elte.hu,
mitsuo.hayasaka.hu@hitachi.com
Subject: [tip:x86/debug] x86: Add user_mode_vm check in stack_overflow_check
Date: Mon, 5 Dec 2011 05:17:34 -0800
Message-ID: <tip-69682b625a043b567873e6cda397969b502f0054@git.kernel.org>
In-Reply-To: <20111129060821.11076.55315.stgit@ltc219.sdl.hitachi.co.jp>
Commit-ID: 69682b625a043b567873e6cda397969b502f0054
Gitweb: http://git.kernel.org/tip/69682b625a043b567873e6cda397969b502f0054
Author: Mitsuo Hayasaka <mitsuo.hayasaka.hu@hitachi.com>
AuthorDate: Tue, 29 Nov 2011 15:08:21 +0900
Committer: Ingo Molnar <mingo@elte.hu>
CommitDate: Mon, 5 Dec 2011 11:28:25 +0100

x86: Add user_mode_vm check in stack_overflow_check

The kernel stack overflow is checked in stack_overflow_check(),
which may wrongly detect the overflow if the stack pointer in
user space points to the kernel stack intentionally or
accidentally. So, the actual overflow is never detected after
this misdetection because WARN_ONCE() is used on the detection
of it.

This patch adds user-mode-vm checking before it to avoid this
problem and bails out early if the user stack is used.

Signed-off-by: Mitsuo Hayasaka <mitsuo.hayasaka.hu@hitachi.com>
Cc: yrl.pp-manager.tt@hitachi.com
Cc: Randy Dunlap <rdunlap@xenotime.net>
Link: http://lkml.kernel.org/r/20111129060821.11076.55315.stgit@ltc219.sdl.hitachi.co.jp
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Cc: "H. Peter Anvin" <hpa@zytor.com>
---
arch/x86/kernel/irq_64.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/arch/x86/kernel/irq_64.c b/arch/x86/kernel/irq_64.c
index acf8fbf..69bca46 100644
--- a/arch/x86/kernel/irq_64.c
+++ b/arch/x86/kernel/irq_64.c
@@ -38,6 +38,9 @@ static inline void stack_overflow_check(struct pt_regs *regs)
#ifdef CONFIG_DEBUG_STACKOVERFLOW
u64 curbase = (u64)task_stack_page(current);
+ if (user_mode_vm(regs))
+ return;
+
WARN_ONCE(regs->sp >= curbase &&
regs->sp <= curbase + THREAD_SIZE &&
regs->sp < curbase + sizeof(struct thread_info) +
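Review bot: the new `if (user_mode_vm(regs)) return;` at the top of stack_overflow_check() carries no comment, so the reason for the early return lives only in the changelog. A short comment above the check would help the next reader, for example that when the interrupt arrived from user mode regs->sp is a user-space value, and comparing it against curbase could fire a false warning and use up the single WARN_ONCE().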
Thread overview: 10+ messages
2011-11-29 6:08 [PATCH -v2 0/4] x86: check stack overflows more reliably Mitsuo Hayasaka
2011-11-29 6:08 ` [PATCH -v2 1/4] [BUGFIX] x86: add user_mode_vm check in stack_overflow_check Mitsuo Hayasaka
2011-12-05 13:17 ` tip-bot for Mitsuo Hayasaka [this message]
2011-11-29 6:08 ` [PATCH -v2 2/4] x86: check stack overflow in detail Mitsuo Hayasaka
2011-12-05 13:18 ` [tip:x86/debug] x86: Check " tip-bot for Mitsuo Hayasaka
2011-11-29 6:08 ` [PATCH -v2 3/4] x86: panic on detection of stack overflow Mitsuo Hayasaka
2011-12-05 13:19 ` [tip:x86/debug] x86: Panic " tip-bot for Mitsuo Hayasaka
2011-12-05 13:26 ` [tip:x86/debug] x86: Fix the 32-bit stackoverflow-debug build tip-bot for Ingo Molnar
2011-11-29 6:08 ` [PATCH -v2 4/4] x86: cleanup the range of stack overflow checking Mitsuo Hayasaka
2011-12-05 13:19 ` [tip:x86/debug] x86: Clean up " tip-bot for Mitsuo Hayasaka