projects / pve-kernel.git / blame
| Commit | Line | Data |
|---|---|---|
| 59d5af67 | 1 | From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 |
| 321d628a FG |
2 | From: Josh Poimboeuf <jpoimboe@redhat.com> |
| 3 | Date: Tue, 3 Oct 2017 08:51:43 -0500 | |
| 59d5af67 | 4 | Subject: [PATCH] kprobes/x86: Set up frame pointer in kprobe trampoline |
| 321d628a FG |
5 | MIME-Version: 1.0 |
| 6 | Content-Type: text/plain; charset=UTF-8 | |
| 7 | Content-Transfer-Encoding: 8bit | |
| 8 | ||
| 9 | CVE-2017-5754 | |
| 10 | ||
| 11 | Richard Weinberger saw an unwinder warning when running bcc's opensnoop: | |
| 12 | ||
| 13 | WARNING: kernel stack frame pointer at ffff99ef4076bea0 in opensnoop:2008 has bad value 0000000000000008 | |
| 14 | unwind stack type:0 next_sp: (null) mask:0x2 graph_idx:0 | |
| 15 | ... | |
| 16 | ffff99ef4076be88: ffff99ef4076bea0 (0xffff99ef4076bea0) | |
| 17 | ffff99ef4076be90: ffffffffac442721 (optimized_callback +0x81/0x90) | |
| 18 | ... | |
| 19 | ||
| 20 | A lockdep stack trace was initiated from inside a kprobe handler, when | |
| 21 | the unwinder noticed a bad frame pointer on the stack. The bad frame | |
| 22 | pointer is related to the fact that the kprobe optprobe trampoline | |
| 23 | doesn't save the frame pointer before calling into optimized_callback(). | |
| 24 | ||
| 25 | Reported-and-tested-by: Richard Weinberger <richard@sigma-star.at> | |
| 26 | Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com> | |
| 27 | Acked-by: Masami Hiramatsu <mhiramat@kernel.org> | |
| 28 | Cc: Ananth N Mavinakayanahalli <ananth@linux.vnet.ibm.com> | |
| 29 | Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com> | |
| 30 | Cc: David S . Miller <davem@davemloft.net> | |
| 31 | Cc: Linus Torvalds <torvalds@linux-foundation.org> | |
| 32 | Cc: Peter Zijlstra <peterz@infradead.org> | |
| 33 | Cc: Thomas Gleixner <tglx@linutronix.de> | |
| 34 | Link: http://lkml.kernel.org/r/7aef2f8ecd75c2f505ef9b80490412262cf4a44c.1507038547.git.jpoimboe@redhat.com | |
| 35 | Signed-off-by: Ingo Molnar <mingo@kernel.org> | |
| 36 | (cherry picked from commit ee213fc72fd67d0988525af501534f4cb924d1e9) | |
| 37 | Signed-off-by: Andy Whitcroft <apw@canonical.com> | |
| 38 | Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com> | |
| 39 | (cherry picked from commit 0f7d5518c91335584b16c7bed1c54c10b78ea76a) | |
| 40 | Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> | |
| 41 | --- | |
| 42 | arch/x86/kernel/kprobes/common.h | 13 +++++++++++-- | |
| 43 | 1 file changed, 11 insertions(+), 2 deletions(-) | |
| 44 | ||
| 45 | diff --git a/arch/x86/kernel/kprobes/common.h b/arch/x86/kernel/kprobes/common.h | |
| 46 | index db2182d63ed0..3fc0f9a794cb 100644 | |
| 47 | --- a/arch/x86/kernel/kprobes/common.h | |
| 48 | +++ b/arch/x86/kernel/kprobes/common.h | |
| 49 | @@ -3,6 +3,15 @@ | |
| 50 | ||
| 51 | /* Kprobes and Optprobes common header */ | |
| 52 | ||
| 53 | +#include <asm/asm.h> | |
| 54 | + | |
| 55 | +#ifdef CONFIG_FRAME_POINTER | |
| 56 | +# define SAVE_RBP_STRING " push %" _ASM_BP "\n" \ | |
| 57 | + " mov %" _ASM_SP ", %" _ASM_BP "\n" | |
| 58 | +#else | |
| 59 | +# define SAVE_RBP_STRING " push %" _ASM_BP "\n" | |
| 60 | +#endif | |
| 61 | + | |
| 62 | #ifdef CONFIG_X86_64 | |
| 63 | #define SAVE_REGS_STRING \ | |
| 64 | /* Skip cs, ip, orig_ax. */ \ | |
| 65 | @@ -17,7 +26,7 @@ | |
| 66 | " pushq %r10\n" \ | |
| 67 | " pushq %r11\n" \ | |
| 68 | " pushq %rbx\n" \ | |
| 69 | - " pushq %rbp\n" \ | |
| 70 | + SAVE_RBP_STRING \ | |
| 71 | " pushq %r12\n" \ | |
| 72 | " pushq %r13\n" \ | |
| 73 | " pushq %r14\n" \ | |
| 74 | @@ -48,7 +57,7 @@ | |
| 75 | " pushl %es\n" \ | |
| 76 | " pushl %ds\n" \ | |
| 77 | " pushl %eax\n" \ | |
| 78 | - " pushl %ebp\n" \ | |
| 79 | + SAVE_RBP_STRING \ | |
| 80 | " pushl %edi\n" \ | |
| 81 | " pushl %esi\n" \ | |
| 82 | " pushl %edx\n" \ | |
| 83 | -- | |
| 84 | 2.14.2 | |
| 85 |