1 files changed, 81 insertions, 0 deletions
diff --git a/arch/x86/kernel/step.c b/arch/x86/kernel/step.c
index 21ea22fda5fc..5884dd485db8 100644
--- a/arch/x86/kernel/step.c
+++ b/arch/x86/kernel/step.c
@@ -6,6 +6,87 @@
 #include <linux/ptrace.h>
 #ifdef CONFIG_X86_32
+#include <linux/uaccess.h>
+#include <asm/desc.h>
+/*
+ * Return EIP plus the CS segment base.  The segment limit is also
+ * adjusted, clamped to the kernel/user address space (whichever is
+ * appropriate), and returned in *eip_limit.
+ *
+ * The segment is checked, because it might have been changed by another
+ * task between the original faulting instruction and here.
+ *
+ * If CS is no longer a valid code segment, or if EIP is beyond the
+ * limit, or if it is a kernel address when CS is not a kernel segment,
+ * then the returned value will be greater than *eip_limit.
+ *
+ * This is slow, but is very rarely executed.
+ */
+unsigned long get_segment_eip(struct pt_regs *regs,
+                                            unsigned long *eip_limit)
+{
+        unsigned long ip = regs->ip;
+        unsigned seg = regs->cs & 0xffff;
+        u32 seg_ar, seg_limit, base, *desc;
+        /* Unlikely, but must come before segment checks. */
+        if (unlikely(regs->flags & VM_MASK)) {
+                base = seg << 4;
+                *eip_limit = base + 0xffff;
+                return base + (ip & 0xffff);
+        }
+        /* The standard kernel/user address space limit. */
+        *eip_limit = user_mode(regs) ? USER_DS.seg : KERNEL_DS.seg;
+        /* By far the most common cases. */
+        if (likely(SEGMENT_IS_FLAT_CODE(seg)))
+                return ip;
+        /* Check the segment exists, is within the current LDT/GDT size,
+           that kernel/user (ring 0..3) has the appropriate privilege,
+           that it's a code segment, and get the limit. */
+        __asm__("larl %3,%0; lsll %3,%1"
+                 : "=&r" (seg_ar), "=r" (seg_limit) : "0" (0), "rm" (seg));
+        if ((~seg_ar & 0x9800) || ip > seg_limit) {
+                *eip_limit = 0;
+                return 1;        /* So that returned ip > *eip_limit. */
+        }
+        /* Get the GDT/LDT descriptor base.
+           When you look for races in this code remember that
+           LDT and other horrors are only used in user space. */
+        if (seg & (1<<2)) {
+                /* Must lock the LDT while reading it. */
+                mutex_lock(&current->mm->context.lock);
+                desc = current->mm->context.ldt;
+                desc = (void *)desc + (seg & ~7);
+        } else {
+                /* Must disable preemption while reading the GDT. */
+                desc = (u32 *)get_cpu_gdt_table(get_cpu());
+                desc = (void *)desc + (seg & ~7);
+        }
+        /* Decode the code segment base from the descriptor */
+        base = get_desc_base((struct desc_struct *)desc);
+        if (seg & (1<<2))
+                mutex_unlock(&current->mm->context.lock);
+        else
+                put_cpu();
+        /* Adjust EIP and segment limit, and clamp at the kernel limit.
+           It's legitimate for segments to wrap at 0xffffffff. */
+        seg_limit += base;
+        if (seg_limit < *eip_limit && seg_limit >= base)
+                *eip_limit = seg_limit;
+        return ip + base;
+}
+#endif
+#ifdef CONFIG_X86_32
 static
 #endif
 unsigned long convert_rip_to_linear(struct task_struct *child, struct pt_regs *regs)

diff --git a/arch/x86/kernel/step.c b/arch/x86/kernel/step.c index 21ea22fda5fc..5884dd485db8 100644 --- a/arch/x86/kernel/step.c +++ b/arch/x86/kernel/step.c
@@ -6,6 +6,87 @@
6	#include <linux/ptrace.h>	6	#include <linux/ptrace.h>
7		7
8	#ifdef CONFIG_X86_32	8	#ifdef CONFIG_X86_32
		9	#include <linux/uaccess.h>
		10
		11	#include <asm/desc.h>
		12
		13	/*
		14	* Return EIP plus the CS segment base. The segment limit is also
		15	* adjusted, clamped to the kernel/user address space (whichever is
		16	* appropriate), and returned in *eip_limit.
		17	*
		18	* The segment is checked, because it might have been changed by another
		19	* task between the original faulting instruction and here.
		20	*
		21	* If CS is no longer a valid code segment, or if EIP is beyond the
		22	* limit, or if it is a kernel address when CS is not a kernel segment,
		23	* then the returned value will be greater than *eip_limit.
		24	*
		25	* This is slow, but is very rarely executed.
		26	*/
		27	unsigned long get_segment_eip(struct pt_regs *regs,
		28	unsigned long *eip_limit)
		29	{
		30	unsigned long ip = regs->ip;
		31	unsigned seg = regs->cs & 0xffff;
		32	u32 seg_ar, seg_limit, base, *desc;
		33
		34	/* Unlikely, but must come before segment checks. */
		35	if (unlikely(regs->flags & VM_MASK)) {
		36	base = seg << 4;
		37	*eip_limit = base + 0xffff;
		38	return base + (ip & 0xffff);
		39	}
		40
		41	/* The standard kernel/user address space limit. */
		42	*eip_limit = user_mode(regs) ? USER_DS.seg : KERNEL_DS.seg;
		43
		44	/* By far the most common cases. */
		45	if (likely(SEGMENT_IS_FLAT_CODE(seg)))
		46	return ip;
		47
		48	/* Check the segment exists, is within the current LDT/GDT size,
		49	that kernel/user (ring 0..3) has the appropriate privilege,
		50	that it's a code segment, and get the limit. */
		51	__asm__("larl %3,%0; lsll %3,%1"
		52	: "=&r" (seg_ar), "=r" (seg_limit) : "0" (0), "rm" (seg));
		53	if ((~seg_ar & 0x9800) \|\| ip > seg_limit) {
		54	*eip_limit = 0;
		55	return 1; /* So that returned ip > eip_limit. /
		56	}
		57
		58	/* Get the GDT/LDT descriptor base.
		59	When you look for races in this code remember that
		60	LDT and other horrors are only used in user space. */
		61	if (seg & (1<<2)) {
		62	/* Must lock the LDT while reading it. */
		63	mutex_lock(&current->mm->context.lock);
		64	desc = current->mm->context.ldt;
		65	desc = (void *)desc + (seg & ~7);
		66	} else {
		67	/* Must disable preemption while reading the GDT. */
		68	desc = (u32 *)get_cpu_gdt_table(get_cpu());
		69	desc = (void *)desc + (seg & ~7);
		70	}
		71
		72	/* Decode the code segment base from the descriptor */
		73	base = get_desc_base((struct desc_struct *)desc);
		74
		75	if (seg & (1<<2))
		76	mutex_unlock(&current->mm->context.lock);
		77	else
		78	put_cpu();
		79
		80	/* Adjust EIP and segment limit, and clamp at the kernel limit.
		81	It's legitimate for segments to wrap at 0xffffffff. */
		82	seg_limit += base;
		83	if (seg_limit < *eip_limit && seg_limit >= base)
		84	*eip_limit = seg_limit;
		85	return ip + base;
		86	}
		87	#endif
		88
		89	#ifdef CONFIG_X86_32
9	static	90	static
10	#endif	91	#endif
11	unsigned long convert_rip_to_linear(struct task_struct child, struct pt_regs regs)	92	unsigned long convert_rip_to_linear(struct task_struct child, struct pt_regs regs)