From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Joe Lawrence, Nicolai Stange, Michael Ellerman, Sasha Levin
Subject: [PATCH 5.0 190/246] powerpc/64s: Clear on-stack exception marker upon exception return
Date: Thu, 4 Apr 2019 10:48:10 +0200
Message-Id: <20190404084625.838266088@linuxfoundation.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190404084619.236418459@linuxfoundation.org>
References: <20190404084619.236418459@linuxfoundation.org>
User-Agent: quilt/0.65
X-stable: review
X-Patchwork-Hint: ignore
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

5.0-stable review patch. If anyone has any objections, please let me know.

------------------

[ Upstream commit eddd0b332304d554ad6243942f87c2fcea98c56b ]

The ppc64 specific implementation of the reliable stacktracer,
save_stack_trace_tsk_reliable(), bails out and reports an "unreliable
trace" whenever it finds an exception frame on the stack. Stack frames
are classified as exception frames if the STACK_FRAME_REGS_MARKER magic,
as written by exception prologues, is found at a particular location.

However, as observed by Joe Lawrence, it is possible in practice that
non-exception stack frames can alias with prior exception frames and thus,
that the reliable stacktracer can find a stale STACK_FRAME_REGS_MARKER on
the stack. It in turn falsely reports an unreliable stacktrace and blocks
any live patching transition to finish. Said condition lasts until the
stack frame is overwritten/initialized by function call or other means.

In principle, we could mitigate this by making the exception frame
classification condition in save_stack_trace_tsk_reliable() stronger:
in addition to testing for STACK_FRAME_REGS_MARKER, we could also take into
account that for all exceptions executing on the kernel stack
- their stack frames' backlink pointers always match what is saved
  in their pt_regs instance's ->gpr[1] slot and that
- their exception frame size equals STACK_INT_FRAME_SIZE, a value
  uncommonly large for non-exception frames.

However, while these are currently true, relying on them would make the
reliable stacktrace implementation more sensitive towards future changes in
the exception entry code. Note that false negatives, i.e. not detecting
exception frames, would silently break the live patching consistency model.

Furthermore, certain other places (diagnostic stacktraces, perf, xmon)
rely on STACK_FRAME_REGS_MARKER as well.

Make the exception exit code clear the on-stack STACK_FRAME_REGS_MARKER
for those exceptions running on the "normal" kernel stack and returning
to kernelspace: because the topmost frame is ignored by the reliable stack
tracer anyway, returns to userspace don't need to take care of clearing
the marker.

Furthermore, as I don't have the ability to test this on Book 3E or
32 bits, limit the change to Book 3S and 64 bits.

Fixes: df78d3f61480 ("powerpc/livepatch: Implement reliable stack tracing for the consistency model")
Reported-by: Joe Lawrence
Signed-off-by: Nicolai Stange
Signed-off-by: Joe Lawrence
Signed-off-by: Michael Ellerman
Signed-off-by: Sasha Levin
---
 arch/powerpc/kernel/entry_64.S | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/arch/powerpc/kernel/entry_64.S b/arch/powerpc/kernel/entry_64.S index 435927f549c4..a2c168b395d2 100644 --- a/arch/powerpc/kernel/entry_64.S +++ b/arch/powerpc/kernel/entry_64.S
@@ -1002,6 +1002,13 @@ END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR) ld r2,_NIP(r1) mtspr SPRN_SRR0,r2 + /* + * Leaving a stale exception_marker on the stack can confuse + * the reliable stack unwinder later on. Clear it. + */ + li r2,0 + std r2,STACK_FRAME_OVERHEAD-16(r1) + ld r0,GPR0(r1) ld r2,GPR2(r1) ld r3,GPR3(r1) -- 2.19.1
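
Review bot: The store offset in the added `std r2,STACK_FRAME_OVERHEAD-16(r1)` is open-coded, so nothing in this hunk ties it to the slot where the exception prologue writes STACK_FRAME_REGS_MARKER; a symbolic offset shared by the prologue and this clear would keep the two from drifting apart. The new comment could also say STACK_FRAME_REGS_MARKER instead of exception_marker to match the commit message, state that this path is only reached for returns to kernelspace on the normal kernel stack (the visible context does not show that condition), and mention that r2 is free as scratch after `mtspr SPRN_SRR0,r2` because `ld r2,GPR2(r1)` reloads it just below.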
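
The aliasing the commit message describes, as an added C model that is not part of the patch or of the kernel: a frame that reuses the stack slots of a finished exception frame inherits its marker unless the exception exit clears it. The slot layout, MARKER_OFF, the MARKER value and all function names are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model, not kernel code; all constants are constructed for illustration. */
#define STACK_SLOTS 64                     /* 64-bit slots, stack grows down */
#define MARKER_OFF  4                      /* assumed marker slot within a frame */
#define MARKER      0x4D41524B45520001ULL  /* stand-in for STACK_FRAME_REGS_MARKER */
static uint64_t stack[STACK_SLOTS];

/* New frame below sp: only the back chain is written, plus the marker when an
 * exception prologue builds the frame. Other slots keep their old contents. */
static unsigned push_frame(unsigned sp, unsigned slots, bool exception) {
    unsigned new_sp = sp - slots;
    stack[new_sp] = sp;
    if (exception)
        stack[new_sp + MARKER_OFF] = MARKER;
    return new_sp;
}

/* Exception exit; clear_marker models the behaviour the patch adds. */
static unsigned exception_return(unsigned sp, bool clear_marker) {
    if (clear_marker)
        stack[sp + MARKER_OFF] = 0;
    return (unsigned)stack[sp];
}

/* Walk the back chain; a frame carrying the marker makes the trace unreliable. */
static bool trace_is_reliable(unsigned sp) {
    for (unsigned f = sp; f < STACK_SLOTS; f = (unsigned)stack[f])
        if (f + MARKER_OFF < STACK_SLOTS && stack[f + MARKER_OFF] == MARKER)
            return false;
    return true;
}

/* Exception on top of a task frame, return, then an ordinary call whose
 * frame reuses the same stack slots. Returns the tracer's verdict. */
static bool scenario(bool clear_on_exit) {
    memset(stack, 0, sizeof(stack));
    unsigned task = push_frame(STACK_SLOTS, 16, false);
    unsigned sp = exception_return(push_frame(task, 20, true), clear_on_exit);
    return trace_is_reliable(push_frame(sp, 20, false));
}

int main(void) {
    printf("stale=%d cleared=%d\n", scenario(false), scenario(true));
    return 0;
}
```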