From: Tony Luck <tony.luck@intel.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH] x86/mce: Fix check for processor context when machine check was taken.
Date: Sat, 19 May 2012 17:49:24 -0700 [thread overview]
Message-ID: <0169270@agluck-desktop.sc.intel.com> (raw)
Linus pointed out that checking "m->ip" was incorrect as "0" is
a legitimate value. Also we need to consider that we may have
interrupted VM86 execution (in which case "CS" isn't any use in
determining user/kernel).
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Tony Luck <tony.luck@intel.com>
---
In case you are unable to sleep at night worrying about those
poor systems that don't recover because they do the wrong thing
if there is a VM86 process running, or some malicious user has
a "jmp 0" at the base of a code segment.
Mea culpa: Andi fixed the VM86 part of this a year and
a half ago, and I failed to pick up the fix from his tree
when I took over. There are some other bits I need to pick
up too.
arch/x86/kernel/cpu/mcheck/mce-severity.c | 11 +++++------
arch/x86/kernel/cpu/mcheck/mce.c | 2 ++
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/cpu/mcheck/mce-severity.c b/arch/x86/kernel/cpu/mcheck/mce-severity.c
index 0c82091..5dfb77a 100644
--- a/arch/x86/kernel/cpu/mcheck/mce-severity.c
+++ b/arch/x86/kernel/cpu/mcheck/mce-severity.c
@@ -165,15 +165,14 @@ static struct severity {
};
/*
- * If the EIPV bit is set, it means the saved IP is the
- * instruction which caused the MCE.
+ * No need to re-check mcgstatus here. We either found a
+ * good value for "cs" on the stack earlier (or faked one
+ * for the VM86 case) - or we didn't and "m->cs" will be
+ * zero which we will treat conservatively as "IN_KERNEL".
*/
static int error_context(struct mce *m)
{
- if (m->mcgstatus & MCG_STATUS_EIPV)
- return (m->ip && (m->cs & 3) == 3) ? IN_USER : IN_KERNEL;
- /* Unknown, assume kernel */
- return IN_KERNEL;
+ return ((m->cs & 3) == 3) ? IN_USER : IN_KERNEL;
}
int mce_severity(struct mce *m, int tolerant, char **msg)
diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c
index 11c9166..a2d53f3 100644
--- a/arch/x86/kernel/cpu/mcheck/mce.c
+++ b/arch/x86/kernel/cpu/mcheck/mce.c
@@ -437,6 +437,8 @@ static inline void mce_gather_info(struct mce *m, struct pt_regs *regs)
if (m->mcgstatus & (MCG_STATUS_RIPV|MCG_STATUS_EIPV)) {
m->ip = regs->ip;
m->cs = regs->cs;
+ if (v8086_mode(regs))
+ m->cs |= 3; /* fake user mode for VM86 */
}
/* Use accurate RIP reporting if available. */
if (rip_msr)
--
1.7.9.5
reply other threads:[~2012-05-20 1:19 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0169270@agluck-desktop.sc.intel.com \
--to=tony.luck@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.