Received: by 10.223.185.116 with SMTP id b49csp4172356wrg; Mon, 19 Feb 2018 12:30:54 -0800 (PST) X-Google-Smtp-Source: AH8x224V6SPg78orqL5W16jtp124uDvtaowqgzYjAobk9QOOK1utt2vWW3CTMqzFFj7NqOgITCjK X-Received: by 10.101.69.67 with SMTP id x3mr13262707pgr.69.1519072254584; Mon, 19 Feb 2018 12:30:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519072254; cv=none; d=google.com; s=arc-20160816; b=J0AHnxojHqAp4sK9eh8E4u3WjNCuisAgBXap4pxg31up5iE3WKvKcQZIHxeZ/kb0n3 s7XIzYFzks6a7qIpCXR5MEikZeWHJfUncVd6rhicryx+RoXBaefmAHDOy+p5+iFObqBw or7SMoaaOrMUjPiX5pIiir09MBN2arBi0qFoDUcJaCFAtFcBYBYx9jPvlnD/SH6u49kj M7u9lTbCbfqXVYFcb9VX4HykODX8GnEIeJ4orjOjyBsGmbnjnvzuAA+myG+oSSKOlPsz l2FtRu/wOkAnDLAT8Ut+MuRBWvVBxfwnRFVQX+IvmPiaCC3w+23LIL6U0L9oSCKaOLTN tyjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :arc-authentication-results; bh=w7M2cwE69LWZDzsGe+CEOUnEfxXb49P9LrT0x+haKhs=; b=R3gIYhycOQD21gD96HgJ9WEfCfFgfRdxUYLfMrIiJWZNZO11b9WRFqm6m/OcgkLn55 ENrUQ1py+FOy/SqO5Sntsnzffd4UbTVLXFNj1UfoyKh4f4fsYF2aG6sXVSMpkXV1Q/yx xRWPMzhBHlpL1zWmulYKwNgFDlKoEK5afZhJkyTkDD658DW7C2LIiI8ay+Ilr7o3+3Ht KuKXy3GULEHyhrbb9GoQ26DS7LB6lCodtTcX0xVni6DFfYJYwoxJi4EH8TEJd9flu7BU eRp25PfXBzX8YI+AoejBqF5M11AjUHDoskgugF1SACJw85tbZK2PzaqAGi6DsLoeUe2T Vslw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c9-v6si12173458pli.257.2018.02.19.12.30.40; Mon, 19 Feb 2018 12:30:54 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932196AbeBSUaD (ORCPT + 99 others); Mon, 19 Feb 2018 15:30:03 -0500 Received: from mail.skyhub.de ([5.9.137.197]:37720 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932214AbeBSU2v (ORCPT ); Mon, 19 Feb 2018 15:28:51 -0500 X-Virus-Scanned: Nedap ESD1 at mail.skyhub.de Received: from mail.skyhub.de ([127.0.0.1]) by localhost (blast.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id sTkhsvXEqN45; Mon, 19 Feb 2018 21:28:49 +0100 (CET) Received: from pd.tnic (p200300EC2BC81D00F5823ED58EA92312.dip0.t-ipconnect.de [IPv6:2003:ec:2bc8:1d00:f582:3ed5:8ea9:2312]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 872CE1EC08BF; Mon, 19 Feb 2018 21:28:49 +0100 (CET) From: Borislav Petkov To: X86 ML Cc: Peter Zijlstra , Josh Poimboeuf , Andy Lutomirski , LKML Subject: [PATCH 0/5] x86/dumpstack: Cleanups and user opcode bytes Code: section Date: Mon, 19 Feb 2018 21:28:21 +0100 Message-Id: <20180219202826.19797-1-bp@alien8.de> X-Mailer: git-send-email 2.13.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Borislav Petkov Hi, so I've been thinking about doing this for a while now: be able to dump the opcode bytes around the user rIP just like we do for kernel faults. Why? See patch 5's commit message. That's why I've marked it RFC. The rest is cleanups: we're copying the opcodes byte-by-byte and that's just wasteful. Also, we're using probe_kernel_read() underneath and it does __copy_from_user_inatomic() which makes copying user opcode bytes trivial. With that, it looks like this: [ 696.837457] strsep[1733]: segfault at 40066b ip 00007fad558fccf8 sp 00007ffc5e662520 error 7 in libc-2.26.so[7fad55876000+1ad000] [ 696.837538] Code: 1b 48 89 fd 48 89 df e8 77 99 f9 ff 48 01 d8 80 38 00 75 17 48 c7 45 00 00 00 00 00 48 83 c4 08 48 89 d8 5b 5d c3 0f 1f 44 00 00 00 00 48 83 c0 01 48 89 45 00 48 83 c4 08 48 89 d8 5b 5d c3 and the code matches, as expected: 0000000000086cc0 <__strsep_g@@GLIBC_2.2.5>: 86cc0: 55 push %rbp 86cc1: 53 push %rbx 86cc2: 48 83 ec 08 sub $0x8,%rsp 86cc6: 48 8b 1f mov (%rdi),%rbx 86cc9: 48 85 db test %rbx,%rbx 86ccc: 74 1b je 86ce9 <__strsep_g@@GLIBC_2.2.5+0x29> 86cce: 48 89 fd mov %rdi,%rbp 86cd1: 48 89 df mov %rbx,%rdi 86cd4: e8 77 99 f9 ff callq 20650 <*ABS*+0x854e0@plt> 86cd9: 48 01 d8 add %rbx,%rax 86cdc: 80 38 00 cmpb $0x0,(%rax) 86cdf: 75 17 jne 86cf8 <__strsep_g@@GLIBC_2.2.5+0x38> 86ce1: 48 c7 45 00 00 00 00 movq $0x0,0x0(%rbp) 86ce8: 00 86ce9: 48 83 c4 08 add $0x8,%rsp 86ced: 48 89 d8 mov %rbx,%rax 86cf0: 5b pop %rbx 86cf1: 5d pop %rbp 86cf2: c3 retq 86cf3: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 86cf8: c6 00 00 movb $0x0,(%rax) 86cfb: 48 83 c0 01 add $0x1,%rax 86cff: 48 89 45 00 mov %rax,0x0(%rbp) 86d03: 48 83 c4 08 add $0x8,%rsp 86d07: 48 89 d8 mov %rbx,%rax 86d0a: 5b pop %rbx 86d0b: 5d pop %rbp 86d0c: c3 retq Comments and suggestions are welcome! Thx. Borislav Petkov (5): x86/dumpstack: Unify show_regs() x86/dumpstack: Carve out Code: dumping into a function x86/dumpstack: Improve opcodes dumping in the Code: section x86/dumpstack: Add loglevel argument to show_opcodes() x86/fault: Dump user opcode bytes on fatal faults arch/x86/include/asm/stacktrace.h | 3 +- arch/x86/kernel/dumpstack.c | 64 +++++++++++++++++++++++++++++++++++++-- arch/x86/kernel/dumpstack_32.c | 42 ------------------------- arch/x86/kernel/dumpstack_64.c | 42 ------------------------- arch/x86/mm/fault.c | 7 +++-- 5 files changed, 68 insertions(+), 90 deletions(-) -- 2.13.0