From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Josh Poimboeuf <jpoimboe@redhat.com>,
Vince Weaver <vincent.weaver@maine.edu>, Dave Jones <dsj@fb.com>,
"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
Joe Mario <jmario@redhat.com>, Jann Horn <jannh@google.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Miroslav Benes <mbenes@suse.cz>, Ingo Molnar <mingo@kernel.org>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH AUTOSEL 4.14 12/39] x86/entry/64: Fix unwind hints in kernel exit path
Date: Thu, 14 May 2020 14:54:29 -0400
Message-ID: <20200514185456.21060-12-sashal@kernel.org>
In-Reply-To: <20200514185456.21060-1-sashal@kernel.org>

From: Josh Poimboeuf <jpoimboe@redhat.com>

[ Upstream commit 1fb143634a38095b641a3a21220774799772dc4c ]

In swapgs_restore_regs_and_return_to_usermode, after the stack is
switched to the trampoline stack, the existing UNWIND_HINT_REGS hint is
no longer valid, which can result in the following ORC unwinder warning:

  WARNING: can't dereference registers at 000000003aeb0cdd for ip swapgs_restore_regs_and_return_to_usermode+0x93/0xa0

For full correctness, we could try to add complicated unwind hints so
the unwinder could continue to find the registers, but when it's
this close to kernel exit, unwind hints aren't really needed anymore and
it's fine to just use an empty hint which tells the unwinder to stop.

For consistency, also move the UNWIND_HINT_EMPTY in
entry_SYSCALL_64_after_hwframe to a similar location.

Fixes: 3e3b9293d392 ("x86/entry/64: Return to userspace from the trampoline stack")
Reported-by: Vince Weaver <vincent.weaver@maine.edu>
Reported-by: Dave Jones <dsj@fb.com>
Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reported-by: Joe Mario <jmario@redhat.com>
Reported-by: Jann Horn <jannh@google.com>
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/60ea8f562987ed2d9ace2977502fe481c0d7c9a0.1587808742.git.jpoimboe@redhat.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
arch/x86/entry/entry_64.S | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index 5ec66fafde4e4..d4d72c84d9eb4 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -302,7 +302,6 @@ GLOBAL(entry_SYSCALL_64_after_hwframe)
*/
syscall_return_via_sysret:
/* rcx and r11 are already restored (see code above) */
- UNWIND_HINT_EMPTY
POP_REGS pop_rdi=0 skip_r11rcx=1
/*
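Review bot: Removing the UNWIND_HINT_EMPTY ahead of POP_REGS in syscall_return_via_sysret leaves the register pops annotated by whichever hint was last in effect before the label, and that hint is not visible in this hunk's context. The commit message justifies this half of the change only as "for consistency", so it should state which hint now covers `POP_REGS pop_rdi=0 skip_r11rcx=1` and confirm that it stays accurate while the registers are being popped.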
@@ -311,6 +310,7 @@ syscall_return_via_sysret:
*/
movq %rsp, %rdi
movq PER_CPU_VAR(cpu_tss_rw + TSS_sp0), %rsp
+ UNWIND_HINT_EMPTY
pushq RSP-RDI(%rdi) /* RSP */
pushq (%rdi) /* RDI */
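Review bot: The UNWIND_HINT_EMPTY added after `movq PER_CPU_VAR(cpu_tss_rw + TSS_sp0), %rsp` carries no comment saying why the unwinder is told to stop at this point. The reasoning exists only in the commit message (the saved registers are no longer reachable once %rsp points at the trampoline stack), so a one-line comment above the hint would keep a later cleanup from moving it back in front of the stack switch.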
@@ -606,6 +606,7 @@ GLOBAL(swapgs_restore_regs_and_return_to_usermode)
*/
movq %rsp, %rdi
movq PER_CPU_VAR(cpu_tss_rw + TSS_sp0), %rsp
+ UNWIND_HINT_EMPTY
/* Copy the IRET frame to the trampoline stack. */
pushq 6*8(%rdi) /* SS */
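Review bot: The stack-switch pair `movq %rsp, %rdi` / `movq PER_CPU_VAR(cpu_tss_rw + TSS_sp0), %rsp` followed by UNWIND_HINT_EMPTY now appears here in swapgs_restore_regs_and_return_to_usermode and again in syscall_return_via_sysret, with nothing in the code tying the two sites together. Since the commit message says the hint position is meant to match at both, consider a shared comment that names the other site, so a future change to one exit path does not leave the other with a stale hint.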
--
2.20.1