diff options
| author | Masami Hiramatsu <mhiramat@redhat.com> | 2009-02-05 17:12:39 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2009-02-05 20:01:50 -0500 |
| commit | 9be260a646bf76fa418ee519afa10196b3164681 (patch) | |
| tree | 8d829aa2c36cc81b62f9fbe36da83a3f89626db5 /arch | |
| parent | 767b5828ad9a1b435488b5d39b5a66aeef4d25e4 (diff) | |
prevent kprobes from catching spurious page faults
Prevent kprobes from catching spurious faults which will cause infinite
recursive page-fault and memory corruption by stack overflow.
Signed-off-by: Masami Hiramatsu <mhiramat@redhat.com>
Cc: <stable@kernel.org> [2.6.28.x]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'arch')
| -rw-r--r-- | arch/x86/mm/fault.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index 90dfae511a41..c76ef1d701c9 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c | |||
| @@ -603,8 +603,6 @@ void __kprobes do_page_fault(struct pt_regs *regs, unsigned long error_code) | |||
| 603 | 603 | ||
| 604 | si_code = SEGV_MAPERR; | 604 | si_code = SEGV_MAPERR; |
| 605 | 605 | ||
| 606 | if (notify_page_fault(regs)) | ||
| 607 | return; | ||
| 608 | if (unlikely(kmmio_fault(regs, address))) | 606 | if (unlikely(kmmio_fault(regs, address))) |
| 609 | return; | 607 | return; |
| 610 | 608 | ||
| @@ -634,6 +632,9 @@ void __kprobes do_page_fault(struct pt_regs *regs, unsigned long error_code) | |||
| 634 | if (spurious_fault(address, error_code)) | 632 | if (spurious_fault(address, error_code)) |
| 635 | return; | 633 | return; |
| 636 | 634 | ||
| 635 | /* kprobes don't want to hook the spurious faults. */ | ||
| 636 | if (notify_page_fault(regs)) | ||
| 637 | return; | ||
| 637 | /* | 638 | /* |
| 638 | * Don't take the mm semaphore here. If we fixup a prefetch | 639 | * Don't take the mm semaphore here. If we fixup a prefetch |
| 639 | * fault we could otherwise deadlock. | 640 | * fault we could otherwise deadlock. |
| @@ -641,6 +642,9 @@ void __kprobes do_page_fault(struct pt_regs *regs, unsigned long error_code) | |||
| 641 | goto bad_area_nosemaphore; | 642 | goto bad_area_nosemaphore; |
| 642 | } | 643 | } |
| 643 | 644 | ||
| 645 | /* kprobes don't want to hook the spurious faults. */ | ||
| 646 | if (notify_page_fault(regs)) | ||
| 647 | return; | ||
| 644 | 648 | ||
| 645 | /* | 649 | /* |
| 646 | * It's safe to allow irq's after cr2 has been saved and the | 650 | * It's safe to allow irq's after cr2 has been saved and the |