x86/process: Don't mix user/kernel regs in 64bit __show_regs()

When the kernel.print-fatal-signals sysctl has been enabled, a simple userspace crash will cause the kernel to write a crash dump that contains, among other things, the kernel gsbase into dmesg. As suggested by Andy, limit output to pt_regs, FS_BASE and KERNEL_GS_BASE in this case. This also moves the bitness-specific logic from show_regs() into process_{32,64}.c. Fixes: 45807a1df9f5 ("vdso: print fatal signals") Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Andy Lutomirski <luto@kernel.org> Cc: Borislav Petkov <bpetkov@suse.de> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: stable@vger.kernel.org Link: https://lkml.kernel.org/r/20180831194151.123586-1-jannh@google.com
author: Jann Horn <jannh@google.com> 2018-08-31 15:41:51 -0400
committer: Thomas Gleixner <tglx@linutronix.de> 2018-09-06 08:33:12 -0400
commit: 9fe6299dde587788f245e9f7a5a1b296fad4e8c7 (patch)
tree: 45fd4582b522ebfe51c990470f409ba66ba22f17
parent: 17f6bac2249356c795339e03a0742cd79be3cab8 (diff)
4 files changed, 26 insertions, 13 deletions
diff --git a/arch/x86/include/asm/kdebug.h b/arch/x86/include/asm/kdebug.h
index 395c9631e000..75f1e35e7c15 100644
--- a/arch/x86/include/asm/kdebug.h
+++ b/arch/x86/include/asm/kdebug.h
@@ -22,10 +22,20 @@ enum die_val {
        DIE_NMIUNKNOWN,
 };
+enum show_regs_mode {
+        SHOW_REGS_SHORT,
+        /*
+         * For when userspace crashed, but we don't think it's our fault, and
+         * therefore don't print kernel registers.
+         */
+        SHOW_REGS_USER,
+        SHOW_REGS_ALL
+};
 extern void die(const char *, struct pt_regs *,long);
 extern int __must_check __die(const char *, struct pt_regs *, long);
 extern void show_stack_regs(struct pt_regs *regs);
-extern void __show_regs(struct pt_regs *regs, int all);
+extern void __show_regs(struct pt_regs *regs, enum show_regs_mode);
 extern void show_iret_regs(struct pt_regs *regs);
 extern unsigned long oops_begin(void);
 extern void oops_end(unsigned long, struct pt_regs *, int signr);
diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c
index f56895106ccf..2b5886401e5f 100644
--- a/arch/x86/kernel/dumpstack.c
+++ b/arch/x86/kernel/dumpstack.c
@@ -146,7 +146,7 @@ static void show_regs_if_on_stack(struct stack_info *info, struct pt_regs *regs,
         * they can be printed in the right context.
         */
        if (!partial && on_stack(info, regs, sizeof(*regs))) {
-                __show_regs(regs, 0);
+                __show_regs(regs, SHOW_REGS_SHORT);
        } else if (partial && on_stack(info, (void *)regs + IRET_FRAME_OFFSET,
                                       IRET_FRAME_SIZE)) {
@@ -344,7 +344,7 @@ void oops_end(unsigned long flags, struct pt_regs *regs, int signr)
        oops_exit();
        /* Executive summary in case the oops scrolled away */
-        __show_regs(&exec_summary_regs, true);
+        __show_regs(&exec_summary_regs, SHOW_REGS_ALL);
        if (!signr)
                return;
@@ -407,14 +407,9 @@ void die(const char *str, struct pt_regs *regs, long err)
 void show_regs(struct pt_regs *regs)
 {
-        bool all = true;
        show_regs_print_info(KERN_DEFAULT);
-        if (IS_ENABLED(CONFIG_X86_32))
+        __show_regs(regs, user_mode(regs) ? SHOW_REGS_USER : SHOW_REGS_ALL);
-                all = !user_mode(regs);
-        __show_regs(regs, all);
        /*
         * When in-kernel, we also print out the stack at the time of the fault..
diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c
index 2924fd447e61..5046a3c9dec2 100644
--- a/arch/x86/kernel/process_32.c
+++ b/arch/x86/kernel/process_32.c
@@ -59,7 +59,7 @@
 #include <asm/intel_rdt_sched.h>
 #include <asm/proto.h>
-void __show_regs(struct pt_regs *regs, int all)
+void __show_regs(struct pt_regs *regs, enum show_regs_mode mode)
 {
        unsigned long cr0 = 0L, cr2 = 0L, cr3 = 0L, cr4 = 0L;
        unsigned long d0, d1, d2, d3, d6, d7;
@@ -85,7 +85,7 @@ void __show_regs(struct pt_regs *regs, int all)
        printk(KERN_DEFAULT "DS: %04x ES: %04x FS: %04x GS: %04x SS: %04x EFLAGS: %08lx\n",
               (u16)regs->ds, (u16)regs->es, (u16)regs->fs, gs, ss, regs->flags);
-        if (!all)
+        if (mode != SHOW_REGS_ALL)
                return;
        cr0 = read_cr0();
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index a451bc374b9b..ea5ea850348d 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -62,7 +62,7 @@
 __visible DEFINE_PER_CPU(unsigned long, rsp_scratch);
 /* Prints also some state that isn't saved in the pt_regs */
-void __show_regs(struct pt_regs *regs, int all)
+void __show_regs(struct pt_regs *regs, enum show_regs_mode mode)
 {
        unsigned long cr0 = 0L, cr2 = 0L, cr3 = 0L, cr4 = 0L, fs, gs, shadowgs;
        unsigned long d0, d1, d2, d3, d6, d7;
@@ -87,9 +87,17 @@ void __show_regs(struct pt_regs *regs, int all)
        printk(KERN_DEFAULT "R13: %016lx R14: %016lx R15: %016lx\n",
               regs->r13, regs->r14, regs->r15);
-        if (!all)
+        if (mode == SHOW_REGS_SHORT)
                return;
+        if (mode == SHOW_REGS_USER) {
+                rdmsrl(MSR_FS_BASE, fs);
+                rdmsrl(MSR_KERNEL_GS_BASE, shadowgs);
+                printk(KERN_DEFAULT "FS:  %016lx GS:  %016lx\n",
+                       fs, shadowgs);
+                return;
+        }
        asm("movl %%ds,%0" : "=r" (ds));
        asm("movl %%cs,%0" : "=r" (cs));
        asm("movl %%es,%0" : "=r" (es));
author	Jann Horn <jannh@google.com>	2018-08-31 15:41:51 -0400
committer	Thomas Gleixner <tglx@linutronix.de>	2018-09-06 08:33:12 -0400
commit	9fe6299dde587788f245e9f7a5a1b296fad4e8c7 (patch)
tree	45fd4582b522ebfe51c990470f409ba66ba22f17
parent	17f6bac2249356c795339e03a0742cd79be3cab8 (diff)