powerpc/livepatch: relax reliable stack tracer checks for first-frame

The bottom-most stack frame (the first to be unwound) may be largely uninitialized, for the "Power Architecture 64-Bit ELF V2 ABI" only requires its backchain pointer to be set. The reliable stack tracer should be careful when verifying this frame: skip checks on STACK_FRAME_LR_SAVE and STACK_FRAME_MARKER offsets that may contain uninitialized residual data. Fixes: df78d3f61480 ("powerpc/livepatch: Implement reliable stack tracing for the consistency model") Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
author: Joe Lawrence <joe.lawrence@redhat.com> 2019-01-22 10:57:22 -0500
committer: Michael Ellerman <mpe@ellerman.id.au> 2019-01-31 00:43:38 -0500
commit: 18be37603de81674e41a0b0282326a0debc1696e (patch)
tree: cc3e5a0d4b83b5bc0517b5c2b6dcda029931d797
parent: a50d3250d7ae34c561177a1f9cfb79816fcbcff1 (diff)
1 files changed, 24 insertions, 8 deletions
diff --git a/arch/powerpc/kernel/stacktrace.c b/arch/powerpc/kernel/stacktrace.c
index e2c50b55138f..06688f4d557b 100644
--- a/arch/powerpc/kernel/stacktrace.c
+++ b/arch/powerpc/kernel/stacktrace.c
@@ -84,6 +84,12 @@ save_stack_trace_regs(struct pt_regs *regs, struct stack_trace *trace)
 EXPORT_SYMBOL_GPL(save_stack_trace_regs);
 #ifdef CONFIG_HAVE_RELIABLE_STACKTRACE
+/*
+ * This function returns an error if it detects any unreliable features of the
+ * stack.  Otherwise it guarantees that the stack trace is reliable.
+ *
+ * If the task is not 'current', the caller *must* ensure the task is inactive.
+ */
 int
 save_stack_trace_tsk_reliable(struct task_struct *tsk,
                                struct stack_trace *trace)
@@ -142,12 +148,6 @@ save_stack_trace_tsk_reliable(struct task_struct *tsk,
                if (sp & 0xF)
                        return 1;
-                /* Mark stacktraces with exception frames as unreliable. */
-                if (sp <= stack_end - STACK_INT_FRAME_SIZE &&
-                    stack[STACK_FRAME_MARKER] == STACK_FRAME_REGS_MARKER) {
-                        return 1;
-                }
                newsp = stack[0];
                /* Stack grows downwards; unwinder may only go up. */
                if (newsp <= sp)
@@ -158,11 +158,26 @@ save_stack_trace_tsk_reliable(struct task_struct *tsk,
                        return 1; /* invalid backlink, too far up. */
                }
+                /*
+                 * We can only trust the bottom frame's backlink, the
+                 * rest of the frame may be uninitialized, continue to
+                 * the next.
+                 */
+                if (firstframe) {
+                        firstframe = 0;
+                        goto next;
+                }
+                /* Mark stacktraces with exception frames as unreliable. */
+                if (sp <= stack_end - STACK_INT_FRAME_SIZE &&
+                    stack[STACK_FRAME_MARKER] == STACK_FRAME_REGS_MARKER) {
+                        return 1;
+                }
                /* Examine the saved LR: it must point into kernel code. */
                ip = stack[STACK_FRAME_LR_SAVE];
-                if (!firstframe && !__kernel_text_address(ip))
+                if (!__kernel_text_address(ip))
                        return 1;
-                firstframe = 0;
                /*
                 * FIXME: IMHO these tests do not belong in
@@ -183,6 +198,7 @@ save_stack_trace_tsk_reliable(struct task_struct *tsk,
                else
                        trace->skip--;
+next:
                if (newsp == stack_end)
                        break;
author	Joe Lawrence <joe.lawrence@redhat.com>	2019-01-22 10:57:22 -0500
committer	Michael Ellerman <mpe@ellerman.id.au>	2019-01-31 00:43:38 -0500
commit	18be37603de81674e41a0b0282326a0debc1696e (patch)
tree	cc3e5a0d4b83b5bc0517b5c2b6dcda029931d797
parent	a50d3250d7ae34c561177a1f9cfb79816fcbcff1 (diff)