Merge branch 'x86-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull misc x86 updates from Ingo Molnar:
"Misc changes:
- Enhance #GP fault printouts by distinguishing between canonical and
non-canonical address faults, and also add KASAN fault decoding.
- Fix/enhance the x86 NMI handler by putting the duration check into
a direct function call instead of an irq_work which we know to be
broken in some cases.
- Clean up do_general_protection() a bit"
* 'x86-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/nmi: Remove irq_work from the long duration NMI handler
x86/traps: Cleanup do_general_protection()
x86/kasan: Print original address on #GP
x86/dumpstack: Introduce die_addr() for die() with #GP fault address
x86/traps: Print address on #GP
x86/insn-eval: Add support for 64-bit kernel mode
This commit is contained in:
Linus Torvalds
@@ -56,6 +56,8 @@
|
||||
#include <asm/mpx.h>
|
||||
#include <asm/vm86.h>
|
||||
#include <asm/umip.h>
|
||||
#include <asm/insn.h>
|
||||
#include <asm/insn-eval.h>
|
||||
|
||||
#ifdef CONFIG_X86_64
|
||||
#include <asm/x86_init.h>
|
||||
@@ -518,11 +520,57 @@ exit_trap:
|
||||
do_trap(X86_TRAP_BR, SIGSEGV, "bounds", regs, error_code, 0, NULL);
|
||||
}
|
||||
|
||||
dotraplinkage void
|
||||
do_general_protection(struct pt_regs *regs, long error_code)
|
||||
enum kernel_gp_hint {
|
||||
GP_NO_HINT,
|
||||
GP_NON_CANONICAL,
|
||||
GP_CANONICAL
|
||||
};
|
||||
|
||||
/*
|
||||
* When an uncaught #GP occurs, try to determine the memory address accessed by
|
||||
* the instruction and return that address to the caller. Also, try to figure
|
||||
* out whether any part of the access to that address was non-canonical.
|
||||
*/
|
||||
static enum kernel_gp_hint get_kernel_gp_address(struct pt_regs *regs,
|
||||
unsigned long *addr)
|
||||
{
|
||||
const char *desc = "general protection fault";
|
||||
u8 insn_buf[MAX_INSN_SIZE];
|
||||
struct insn insn;
|
||||
|
||||
if (probe_kernel_read(insn_buf, (void *)regs->ip, MAX_INSN_SIZE))
|
||||
return GP_NO_HINT;
|
||||
|
||||
kernel_insn_init(&insn, insn_buf, MAX_INSN_SIZE);
|
||||
insn_get_modrm(&insn);
|
||||
insn_get_sib(&insn);
|
||||
|
||||
*addr = (unsigned long)insn_get_addr_ref(&insn, regs);
|
||||
if (*addr == -1UL)
|
||||
return GP_NO_HINT;
|
||||
|
||||
#ifdef CONFIG_X86_64
|
||||
/*
|
||||
* Check that:
|
||||
* - the operand is not in the kernel half
|
||||
* - the last byte of the operand is not in the user canonical half
|
||||
*/
|
||||
if (*addr < ~__VIRTUAL_MASK &&
|
||||
*addr + insn.opnd_bytes - 1 > __VIRTUAL_MASK)
|
||||
return GP_NON_CANONICAL;
|
||||
#endif
|
||||
|
||||
return GP_CANONICAL;
|
||||
}
|
||||
|
||||
#define GPFSTR "general protection fault"
|
||||
|
||||
dotraplinkage void do_general_protection(struct pt_regs *regs, long error_code)
|
||||
{
|
||||
char desc[sizeof(GPFSTR) + 50 + 2*sizeof(unsigned long) + 1] = GPFSTR;
|
||||
enum kernel_gp_hint hint = GP_NO_HINT;
|
||||
struct task_struct *tsk;
|
||||
unsigned long gp_addr;
|
||||
int ret;
|
||||
|
||||
RCU_LOCKDEP_WARN(!rcu_is_watching(), "entry code didn't wake RCU");
|
||||
cond_local_irq_enable(regs);
|
||||
@@ -539,34 +587,56 @@ do_general_protection(struct pt_regs *regs, long error_code)
|
||||
}
|
||||
|
||||
tsk = current;
|
||||
if (!user_mode(regs)) {
|
||||
if (fixup_exception(regs, X86_TRAP_GP, error_code, 0))
|
||||
return;
|
||||
|
||||
if (user_mode(regs)) {
|
||||
tsk->thread.error_code = error_code;
|
||||
tsk->thread.trap_nr = X86_TRAP_GP;
|
||||
|
||||
/*
|
||||
* To be potentially processing a kprobe fault and to
|
||||
* trust the result from kprobe_running(), we have to
|
||||
* be non-preemptible.
|
||||
*/
|
||||
if (!preemptible() && kprobe_running() &&
|
||||
kprobe_fault_handler(regs, X86_TRAP_GP))
|
||||
return;
|
||||
show_signal(tsk, SIGSEGV, "", desc, regs, error_code);
|
||||
force_sig(SIGSEGV);
|
||||
|
||||
if (notify_die(DIE_GPF, desc, regs, error_code,
|
||||
X86_TRAP_GP, SIGSEGV) != NOTIFY_STOP)
|
||||
die(desc, regs, error_code);
|
||||
return;
|
||||
}
|
||||
|
||||
if (fixup_exception(regs, X86_TRAP_GP, error_code, 0))
|
||||
return;
|
||||
|
||||
tsk->thread.error_code = error_code;
|
||||
tsk->thread.trap_nr = X86_TRAP_GP;
|
||||
|
||||
show_signal(tsk, SIGSEGV, "", desc, regs, error_code);
|
||||
/*
|
||||
* To be potentially processing a kprobe fault and to trust the result
|
||||
* from kprobe_running(), we have to be non-preemptible.
|
||||
*/
|
||||
if (!preemptible() &&
|
||||
kprobe_running() &&
|
||||
kprobe_fault_handler(regs, X86_TRAP_GP))
|
||||
return;
|
||||
|
||||
ret = notify_die(DIE_GPF, desc, regs, error_code, X86_TRAP_GP, SIGSEGV);
|
||||
if (ret == NOTIFY_STOP)
|
||||
return;
|
||||
|
||||
if (error_code)
|
||||
snprintf(desc, sizeof(desc), "segment-related " GPFSTR);
|
||||
else
|
||||
hint = get_kernel_gp_address(regs, &gp_addr);
|
||||
|
||||
if (hint != GP_NO_HINT)
|
||||
snprintf(desc, sizeof(desc), GPFSTR ", %s 0x%lx",
|
||||
(hint == GP_NON_CANONICAL) ? "probably for non-canonical address"
|
||||
: "maybe for address",
|
||||
gp_addr);
|
||||
|
||||
/*
|
||||
* KASAN is interested only in the non-canonical case, clear it
|
||||
* otherwise.
|
||||
*/
|
||||
if (hint != GP_NON_CANONICAL)
|
||||
gp_addr = 0;
|
||||
|
||||
die_addr(desc, regs, error_code, gp_addr);
|
||||
|
||||
force_sig(SIGSEGV);
|
||||
}
|
||||
NOKPROBE_SYMBOL(do_general_protection);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user