From: madvenka@linux.microsoft.com To: broonie@kernel.org, mark.rutland@arm.com, jpoimboe@redhat.com, ardb@kernel.org, nobuta.keiya@fujitsu.com, sjitindarsingh@gmail.com, catalin.marinas@arm.com, will@kernel.org, jmorris@namei.org, pasha.tatashin@soleen.com, jthierry@redhat.com, linux-arm-kernel@lists.infradead.org, live-patching@vger.kernel.org, linux-kernel@vger.kernel.org, madvenka@linux.microsoft.com Subject: [RFC PATCH v6 2/3] arm64: Introduce stack trace reliability checks in the unwinder Date: Wed, 30 Jun 2021 17:33:55 -0500 [thread overview] Message-ID: <20210630223356.58714-3-madvenka@linux.microsoft.com> (raw) In-Reply-To: <20210630223356.58714-1-madvenka@linux.microsoft.com> From: "Madhavan T. Venkataraman" <madvenka@linux.microsoft.com> The unwinder should check for the presence of various features and conditions that can render the stack trace unreliable. Introduce a function unwind_check_frame() for this purpose. Introduce the first reliability check in unwind_check_frame() - If a return PC is not a valid kernel text address, consider the stack trace unreliable. It could be some generated code. Other reliability checks will be added in the future. If a reliability check fails, it is a non-fatal error. Introduce a new return code, UNWIND_CONTINUE_WITH_RISK, for non-fatal errors. Call unwind_check_frame() from unwind_frame(). Also, call it from start_backtrace() to remove the current assumption that the starting frame is reliable. Signed-off-by: Madhavan T. Venkataraman <madvenka@linux.microsoft.com> --- arch/arm64/include/asm/stacktrace.h | 4 +++- arch/arm64/kernel/stacktrace.c | 17 ++++++++++++++++- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/stacktrace.h b/arch/arm64/include/asm/stacktrace.h index 6fcd58553fb1..d1625d55b980 100644 --- a/arch/arm64/include/asm/stacktrace.h +++ b/arch/arm64/include/asm/stacktrace.h @@ -32,6 +32,7 @@ struct stack_info { enum unwind_rc { UNWIND_CONTINUE, /* No errors encountered */ + UNWIND_CONTINUE_WITH_RISK, /* Non-fatal errors encountered */ UNWIND_ABORT, /* Fatal errors encountered */ UNWIND_FINISH, /* End of stack reached successfully */ }; @@ -73,6 +74,7 @@ extern void walk_stackframe(struct task_struct *tsk, struct stackframe *frame, bool (*fn)(void *, unsigned long), void *data); extern void dump_backtrace(struct pt_regs *regs, struct task_struct *tsk, const char *loglvl); +extern enum unwind_rc unwind_check_frame(struct stackframe *frame); DECLARE_PER_CPU(unsigned long *, irq_stack_ptr); @@ -176,7 +178,7 @@ static inline enum unwind_rc start_backtrace(struct stackframe *frame, bitmap_zero(frame->stacks_done, __NR_STACK_TYPES); frame->prev_fp = 0; frame->prev_type = STACK_TYPE_UNKNOWN; - return UNWIND_CONTINUE; + return unwind_check_frame(frame); } #endif /* __ASM_STACKTRACE_H */ diff --git a/arch/arm64/kernel/stacktrace.c b/arch/arm64/kernel/stacktrace.c index e9c2c1fa9dde..ba7b97b119e4 100644 --- a/arch/arm64/kernel/stacktrace.c +++ b/arch/arm64/kernel/stacktrace.c @@ -18,6 +18,21 @@ #include <asm/stack_pointer.h> #include <asm/stacktrace.h> +/* + * Check the stack frame for conditions that make unwinding unreliable. + */ +enum unwind_rc unwind_check_frame(struct stackframe *frame) +{ + /* + * If the PC is not a known kernel text address, then we cannot + * be sure that a subsequent unwind will be reliable, as we + * don't know that the code follows our unwind requirements. + */ + if (!__kernel_text_address(frame->pc)) + return UNWIND_CONTINUE_WITH_RISK; + return UNWIND_CONTINUE; +} + /* * AArch64 PCS assigns the frame pointer to x29. * @@ -109,7 +124,7 @@ enum unwind_rc notrace unwind_frame(struct task_struct *tsk, frame->pc = ptrauth_strip_insn_pac(frame->pc); - return UNWIND_CONTINUE; + return unwind_check_frame(frame); } NOKPROBE_SYMBOL(unwind_frame); -- 2.25.1
WARNING: multiple messages have this Message-ID (diff)
From: madvenka@linux.microsoft.com To: broonie@kernel.org, mark.rutland@arm.com, jpoimboe@redhat.com, ardb@kernel.org, nobuta.keiya@fujitsu.com, sjitindarsingh@gmail.com, catalin.marinas@arm.com, will@kernel.org, jmorris@namei.org, pasha.tatashin@soleen.com, jthierry@redhat.com, linux-arm-kernel@lists.infradead.org, live-patching@vger.kernel.org, linux-kernel@vger.kernel.org, madvenka@linux.microsoft.com Subject: [RFC PATCH v6 2/3] arm64: Introduce stack trace reliability checks in the unwinder Date: Wed, 30 Jun 2021 17:33:55 -0500 [thread overview] Message-ID: <20210630223356.58714-3-madvenka@linux.microsoft.com> (raw) In-Reply-To: <20210630223356.58714-1-madvenka@linux.microsoft.com> From: "Madhavan T. Venkataraman" <madvenka@linux.microsoft.com> The unwinder should check for the presence of various features and conditions that can render the stack trace unreliable. Introduce a function unwind_check_frame() for this purpose. Introduce the first reliability check in unwind_check_frame() - If a return PC is not a valid kernel text address, consider the stack trace unreliable. It could be some generated code. Other reliability checks will be added in the future. If a reliability check fails, it is a non-fatal error. Introduce a new return code, UNWIND_CONTINUE_WITH_RISK, for non-fatal errors. Call unwind_check_frame() from unwind_frame(). Also, call it from start_backtrace() to remove the current assumption that the starting frame is reliable. Signed-off-by: Madhavan T. Venkataraman <madvenka@linux.microsoft.com> --- arch/arm64/include/asm/stacktrace.h | 4 +++- arch/arm64/kernel/stacktrace.c | 17 ++++++++++++++++- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/stacktrace.h b/arch/arm64/include/asm/stacktrace.h index 6fcd58553fb1..d1625d55b980 100644 --- a/arch/arm64/include/asm/stacktrace.h +++ b/arch/arm64/include/asm/stacktrace.h @@ -32,6 +32,7 @@ struct stack_info { enum unwind_rc { UNWIND_CONTINUE, /* No errors encountered */ + UNWIND_CONTINUE_WITH_RISK, /* Non-fatal errors encountered */ UNWIND_ABORT, /* Fatal errors encountered */ UNWIND_FINISH, /* End of stack reached successfully */ }; @@ -73,6 +74,7 @@ extern void walk_stackframe(struct task_struct *tsk, struct stackframe *frame, bool (*fn)(void *, unsigned long), void *data); extern void dump_backtrace(struct pt_regs *regs, struct task_struct *tsk, const char *loglvl); +extern enum unwind_rc unwind_check_frame(struct stackframe *frame); DECLARE_PER_CPU(unsigned long *, irq_stack_ptr); @@ -176,7 +178,7 @@ static inline enum unwind_rc start_backtrace(struct stackframe *frame, bitmap_zero(frame->stacks_done, __NR_STACK_TYPES); frame->prev_fp = 0; frame->prev_type = STACK_TYPE_UNKNOWN; - return UNWIND_CONTINUE; + return unwind_check_frame(frame); } #endif /* __ASM_STACKTRACE_H */ diff --git a/arch/arm64/kernel/stacktrace.c b/arch/arm64/kernel/stacktrace.c index e9c2c1fa9dde..ba7b97b119e4 100644 --- a/arch/arm64/kernel/stacktrace.c +++ b/arch/arm64/kernel/stacktrace.c @@ -18,6 +18,21 @@ #include <asm/stack_pointer.h> #include <asm/stacktrace.h> +/* + * Check the stack frame for conditions that make unwinding unreliable. + */ +enum unwind_rc unwind_check_frame(struct stackframe *frame) +{ + /* + * If the PC is not a known kernel text address, then we cannot + * be sure that a subsequent unwind will be reliable, as we + * don't know that the code follows our unwind requirements. + */ + if (!__kernel_text_address(frame->pc)) + return UNWIND_CONTINUE_WITH_RISK; + return UNWIND_CONTINUE; +} + /* * AArch64 PCS assigns the frame pointer to x29. * @@ -109,7 +124,7 @@ enum unwind_rc notrace unwind_frame(struct task_struct *tsk, frame->pc = ptrauth_strip_insn_pac(frame->pc); - return UNWIND_CONTINUE; + return unwind_check_frame(frame); } NOKPROBE_SYMBOL(unwind_frame); -- 2.25.1 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-06-30 22:34 UTC|newest] Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top [not found] <3f2aab69a35c243c5e97f47c4ad84046355f5b90> 2021-06-30 22:33 ` [RFC PATCH v6 0/3] arm64: Implement stack trace reliability checks madvenka 2021-06-30 22:33 ` madvenka 2021-06-30 22:33 ` [RFC PATCH v6 1/3] arm64: Improve the unwinder return value madvenka 2021-06-30 22:33 ` madvenka 2021-07-28 16:56 ` Mark Rutland 2021-07-28 16:56 ` Mark Rutland 2021-07-29 13:54 ` Madhavan T. Venkataraman 2021-07-29 13:54 ` Madhavan T. Venkataraman 2021-06-30 22:33 ` madvenka [this message] 2021-06-30 22:33 ` [RFC PATCH v6 2/3] arm64: Introduce stack trace reliability checks in the unwinder madvenka 2021-06-30 22:33 ` [RFC PATCH v6 3/3] arm64: Create a list of SYM_CODE functions, check return PC against list madvenka 2021-06-30 22:33 ` madvenka 2021-07-28 17:25 ` Mark Rutland 2021-07-28 17:25 ` Mark Rutland 2021-07-29 14:06 ` Madhavan T. Venkataraman 2021-07-29 14:06 ` Madhavan T. Venkataraman 2021-07-29 14:52 ` Mark Brown 2021-07-29 14:52 ` Mark Brown 2021-07-29 17:07 ` Madhavan T. Venkataraman 2021-07-29 17:07 ` Madhavan T. Venkataraman 2021-07-29 15:48 ` Mark Rutland 2021-07-29 15:48 ` Mark Rutland 2021-07-29 16:27 ` Mark Brown 2021-07-29 16:27 ` Mark Brown 2021-07-29 17:09 ` Madhavan T. Venkataraman 2021-07-29 17:09 ` Madhavan T. Venkataraman 2021-07-26 13:49 ` [RFC PATCH v6 0/3] arm64: Implement stack trace reliability checks Madhavan T. Venkataraman 2021-07-26 13:49 ` Madhavan T. Venkataraman 2021-08-12 13:24 ` [RFC PATCH v7 0/4] arm64: Reorganize the unwinder and implement " madvenka 2021-08-12 13:24 ` madvenka 2021-08-12 13:24 ` [RFC PATCH v7 1/4] arm64: Make all stack walking functions use arch_stack_walk() madvenka 2021-08-12 13:24 ` madvenka 2021-08-12 15:23 ` Mark Brown 2021-08-12 15:23 ` Mark Brown 2021-08-12 16:30 ` Madhavan T. Venkataraman 2021-08-12 16:30 ` Madhavan T. Venkataraman 2021-08-12 20:59 ` kernel test robot 2021-08-12 13:24 ` [RFC PATCH v7 2/4] arm64: Reorganize the unwinder code for better consistency and maintenance madvenka 2021-08-12 13:24 ` madvenka 2021-08-12 13:24 ` [RFC PATCH v7 3/4] arm64: Introduce stack trace reliability checks in the unwinder madvenka 2021-08-12 13:24 ` madvenka 2021-08-12 13:24 ` [RFC PATCH v7 4/4] arm64: Create a list of SYM_CODE functions, check return PC against list madvenka 2021-08-12 13:24 ` madvenka 2021-08-12 18:53 ` kernel test robot 2021-08-12 18:31 ` [RFC PATCH v7 0/4] arm64: Reorganize the unwinder and implement stack trace reliability checks Madhavan T. Venkataraman 2021-08-12 18:31 ` Madhavan T. Venkataraman 2021-08-12 18:45 ` Madhavan T. Venkataraman 2021-08-12 18:45 ` Madhavan T. Venkataraman 2021-08-12 18:35 ` madvenka 2021-08-12 18:35 ` madvenka 2021-08-12 18:35 ` [RFC PATCH v7 1/4] arm64: Make all stack walking functions use arch_stack_walk() madvenka 2021-08-12 18:35 ` madvenka 2021-08-12 18:35 ` [RFC PATCH v7 2/4] arm64: Reorganize the unwinder code for better consistency and maintenance madvenka 2021-08-12 18:35 ` madvenka 2021-08-12 18:35 ` [RFC PATCH v7 3/4] arm64: Introduce stack trace reliability checks in the unwinder madvenka 2021-08-12 18:35 ` madvenka 2021-08-12 18:35 ` [RFC PATCH v7 4/4] arm64: Create a list of SYM_CODE functions, check return PC against list madvenka 2021-08-12 18:35 ` madvenka
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20210630223356.58714-3-madvenka@linux.microsoft.com \ --to=madvenka@linux.microsoft.com \ --cc=ardb@kernel.org \ --cc=broonie@kernel.org \ --cc=catalin.marinas@arm.com \ --cc=jmorris@namei.org \ --cc=jpoimboe@redhat.com \ --cc=jthierry@redhat.com \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=live-patching@vger.kernel.org \ --cc=mark.rutland@arm.com \ --cc=nobuta.keiya@fujitsu.com \ --cc=pasha.tatashin@soleen.com \ --cc=sjitindarsingh@gmail.com \ --cc=will@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.