Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp31567imm; Mon, 4 Jun 2018 12:27:50 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKtGp2c8IlrKMSs6vAIRPdJB9DJ2exGU/FDpy9IuvetFLiL03AN6oore8ky8gD8tn/UHqT/ X-Received: by 2002:a63:9e42:: with SMTP id r2-v6mr18154167pgo.436.1528140470120; Mon, 04 Jun 2018 12:27:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528140470; cv=none; d=google.com; s=arc-20160816; b=RnMuJiu8kzJ6s4OC3gFACmVGnjNJvSnYAlgjCB7N9zzZTDUlAHk6U+5sgxnO8agt4Z LHd1lxde2yJe0r7DWbQUcIHhoBO7rbA0vdHVRet+zCW7ydroX8q+SCzX1QH+D+4d55VP m9PVw5PlPNjZdo6425HsAzpJ0vuw3Bmvuxf/HnpEsU1SNUV+fsOK80t/HcSbUPz//goE i0lBWPH33r92cfg+NpMrI1m1mIYxhU6kesFtm9cUYDc17JdJIa7PH0xT138q/CreWZA6 zIzhr5VuE/f0A0PsKhO9CHZ/PsRVyeUCPcvP2jPp8OEHr82IamRhPo8RSC8ghvm/gGlP rWoQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=f1T0O80I55Zk+EttnbhkDBKLawuHDLr6Hl7ESN66xyE=; b=jK1Ul+o0J+zy3W6wJl2qIjqwrcRx/IOI/sqRCNDyOz8lLpEHY0SVYDc5FRbKXHwx6W ILUUXz9bSbziCrwZvB6SqN4pFkjkjA3UAmb2WIQocgik6ZBsG/rF2foXa77X7i70HVSe 1jmbL1JG7+hRcBP3XFYcBj77HHJbGlIGkBQC+G3/XKZDqsHt6uTJ8lIdMI6H0qCXBSCH PNbYTxXt+d0weMXaYraWX8SSwQ9hiub2hgHXWsJXUYvTSggk7jmOralEdmj76PrFpDEe LICg9TEiP5pvMwTtFnOPIaGFMPckqB2hdY2h3927n4MKO8tKYghaQopaT/VfiKJFNXJB IGBg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 61-v6si46445438plz.290.2018.06.04.12.27.35; Mon, 04 Jun 2018 12:27:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751445AbeFDTZn (ORCPT + 99 others); Mon, 4 Jun 2018 15:25:43 -0400 Received: from mga05.intel.com ([192.55.52.43]:40504 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751099AbeFDTYq (ORCPT ); Mon, 4 Jun 2018 15:24:46 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Jun 2018 12:24:45 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.49,476,1520924400"; d="scan'208";a="64240678" Received: from chang-linux-2.sc.intel.com ([10.3.52.139]) by orsmga002.jf.intel.com with ESMTP; 04 Jun 2018 12:24:45 -0700 From: "Chang S. Bae" To: Andy Lutomirski , "H . Peter Anvin" , Thomas Gleixner , Ingo Molnar Cc: Andi Kleen , Dave Hansen , Markus T Metzger , "Ravi V . Shankar" , "Chang S . Bae" , LKML Subject: [PATCH 2/6] x86/fsgsbase/64: Make ptrace read FS/GS base accurately Date: Mon, 4 Jun 2018 12:24:25 -0700 Message-Id: <1528140269-26205-3-git-send-email-chang.seok.bae@intel.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1528140269-26205-1-git-send-email-chang.seok.bae@intel.com> References: <1528140269-26205-1-git-send-email-chang.seok.bae@intel.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Andy Lutomirski ptrace can read FS/GS base using the register access API (PTRACE_PEEKUSER, etc) or PTRACE_ARCH_PRCTL. Make both of these mechanisms return the actual FS/GS base. This will improve debuggability by providing the correct information to ptracer (GDB and etc). Signed-off-by: Andy Lutomirski [chang: Rebase and revise patch description] Signed-off-by: Chang S. Bae Reviewed-by: Andi Kleen Cc: H. Peter Anvin Cc: Dave Hansen Cc: Thomas Gleixner Cc: Ingo Molnar --- arch/x86/kernel/process_64.c | 67 +++++++++++++++++++++++++++++++++----------- 1 file changed, 51 insertions(+), 16 deletions(-) diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index ace0158..e498671 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -279,6 +279,49 @@ static __always_inline void load_seg_legacy(unsigned short prev_index, } } +static unsigned long task_seg_base(struct task_struct *task, + unsigned short selector) +{ + unsigned short idx = selector >> 3; + unsigned long base; + + if (likely((selector & SEGMENT_TI_MASK) == 0)) { + if (unlikely(idx >= GDT_ENTRIES)) + return 0; + + /* + * There are no user segments in the GDT with nonzero bases + * other than the TLS segments. + */ + if (idx < GDT_ENTRY_TLS_MIN || idx > GDT_ENTRY_TLS_MAX) + return 0; + + idx -= GDT_ENTRY_TLS_MIN; + base = get_desc_base(&task->thread.tls_array[idx]); + } else { +#ifdef CONFIG_MODIFY_LDT_SYSCALL + struct ldt_struct *ldt; + + /* + * If performance here mattered, we could protect the LDT + * with RCU. This is a slow path, though, so we can just + * take the mutex. + */ + mutex_lock(&task->mm->context.lock); + ldt = task->mm->context.ldt; + if (unlikely(idx >= ldt->nr_entries)) + base = 0; + else + base = get_desc_base(ldt->entries + idx); + mutex_unlock(&task->mm->context.lock); +#else + base = 0; +#endif + } + + return base; +} + void write_fsbase(unsigned long fsbase) { /* set the selector to 0 to not confuse __switch_to */ @@ -297,16 +340,12 @@ unsigned long read_task_fsbase(struct task_struct *task) { unsigned long fsbase; - if (task == current) { + if (task == current) fsbase = read_fsbase(); - } else { - /* - * XXX: This will not behave as expected if called - * if fsindex != 0. This preserves an existing bug - * that will be fixed. - */ + else if (task->thread.fsindex == 0) fsbase = task->thread.fsbase; - } + else + fsbase = task_seg_base(task, task->thread.fsindex); return fsbase; } @@ -315,16 +354,12 @@ unsigned long read_task_gsbase(struct task_struct *task) { unsigned long gsbase; - if (task == current) { + if (task == current) gsbase = read_inactive_gsbase(); - } else { - /* - * XXX: This will not behave as expected if called - * if gsindex != 0. Same bug preservation as above - * read_task_fsbase. - */ + else if (task->thread.gsindex == 0) gsbase = task->thread.gsbase; - } + else + gsbase = task_seg_base(task, task->thread.gsindex); return gsbase; } -- 2.7.4