All of lore.kernel.org
 help / color / mirror / Atom feed
From: madvenka@linux.microsoft.com
To: mark.rutland@arm.com, broonie@kernel.org, jpoimboe@redhat.com,
	ardb@kernel.org, nobuta.keiya@fujitsu.com,
	sjitindarsingh@gmail.com, catalin.marinas@arm.com,
	will@kernel.org, jmorris@namei.org,
	linux-arm-kernel@lists.infradead.org,
	live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
	madvenka@linux.microsoft.com
Subject: [PATCH v13 08/11] arm64: Introduce stack trace reliability checks in the unwinder
Date: Mon, 17 Jan 2022 08:56:05 -0600	[thread overview]
Message-ID: <20220117145608.6781-9-madvenka@linux.microsoft.com> (raw)
In-Reply-To: <20220117145608.6781-1-madvenka@linux.microsoft.com>

From: "Madhavan T. Venkataraman" <madvenka@linux.microsoft.com>

There are some kernel features and conditions that make a stack trace
unreliable. Callers may require the unwinder to detect these cases.
E.g., livepatch.

Introduce a new function called unwind_check_reliability() that will
detect these cases and set a flag in the stack frame. Call
unwind_check_reliability() for every frame in unwind().

Introduce the first reliability check in unwind_check_reliability() - If
a return PC is not a valid kernel text address, consider the stack
trace unreliable. It could be some generated code. Other reliability checks
will be added in the future.

Let unwind() return a boolean to indicate if the stack trace is
reliable.

Signed-off-by: Madhavan T. Venkataraman <madvenka@linux.microsoft.com>
Reviewed-by: Mark Brown <broonie@kernel.org>
---
 arch/arm64/include/asm/stacktrace.h |  3 +++
 arch/arm64/kernel/stacktrace.c      | 28 ++++++++++++++++++++++++++--
 2 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/include/asm/stacktrace.h b/arch/arm64/include/asm/stacktrace.h
index c11b048ffd0e..26eba9d7e5c7 100644
--- a/arch/arm64/include/asm/stacktrace.h
+++ b/arch/arm64/include/asm/stacktrace.h
@@ -57,6 +57,8 @@ struct stack_info {
  * @final_fp	 Pointer to the final frame.
  *
  * @failed:      Unwind failed.
+ *
+ * @reliable:    Stack trace is reliable.
  */
 struct unwind_state {
 	unsigned long fp;
@@ -70,6 +72,7 @@ struct unwind_state {
 	struct task_struct *task;
 	unsigned long final_fp;
 	bool failed;
+	bool reliable;
 };
 
 extern void dump_backtrace(struct pt_regs *regs, struct task_struct *tsk,
diff --git a/arch/arm64/kernel/stacktrace.c b/arch/arm64/kernel/stacktrace.c
index 73fc6b5ee6fd..3dc0374e83f7 100644
--- a/arch/arm64/kernel/stacktrace.c
+++ b/arch/arm64/kernel/stacktrace.c
@@ -18,6 +18,25 @@
 #include <asm/stack_pointer.h>
 #include <asm/stacktrace.h>
 
+/*
+ * Check the stack frame for conditions that make further unwinding unreliable.
+ */
+static void unwind_check_reliability(struct unwind_state *state)
+{
+	if (state->fp == state->final_fp) {
+		/* Final frame; no more unwind, no need to check reliability */
+		return;
+	}
+
+	/*
+	 * If the PC is not a known kernel text address, then we cannot
+	 * be sure that a subsequent unwind will be reliable, as we
+	 * don't know that the code follows our unwind requirements.
+	 */
+	if (!__kernel_text_address(state->pc))
+		state->reliable = false;
+}
+
 /*
  * AArch64 PCS assigns the frame pointer to x29.
  *
@@ -54,6 +73,7 @@ static void unwind_init_common(struct unwind_state *state,
 	state->prev_fp = 0;
 	state->prev_type = STACK_TYPE_UNKNOWN;
 	state->failed = false;
+	state->reliable = true;
 
 	/* Stack trace terminates here. */
 	state->final_fp = (unsigned long)task_pt_regs(task)->stackframe;
@@ -207,11 +227,15 @@ static void notrace unwind_next(struct unwind_state *state)
 }
 NOKPROBE_SYMBOL(unwind_next);
 
-static void notrace unwind(struct unwind_state *state,
+static bool notrace unwind(struct unwind_state *state,
 			   stack_trace_consume_fn consume_entry, void *cookie)
 {
-	while (unwind_continue(state, consume_entry, cookie))
+	unwind_check_reliability(state);
+	while (unwind_continue(state, consume_entry, cookie)) {
 		unwind_next(state);
+		unwind_check_reliability(state);
+	}
+	return !state->failed && state->reliable;
 }
 NOKPROBE_SYMBOL(unwind);
 
-- 
2.25.1


WARNING: multiple messages have this Message-ID (diff)
From: madvenka@linux.microsoft.com
To: mark.rutland@arm.com, broonie@kernel.org, jpoimboe@redhat.com,
	ardb@kernel.org, nobuta.keiya@fujitsu.com,
	sjitindarsingh@gmail.com, catalin.marinas@arm.com,
	will@kernel.org, jmorris@namei.org,
	linux-arm-kernel@lists.infradead.org,
	live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
	madvenka@linux.microsoft.com
Subject: [PATCH v13 08/11] arm64: Introduce stack trace reliability checks in the unwinder
Date: Mon, 17 Jan 2022 08:56:05 -0600	[thread overview]
Message-ID: <20220117145608.6781-9-madvenka@linux.microsoft.com> (raw)
In-Reply-To: <20220117145608.6781-1-madvenka@linux.microsoft.com>

From: "Madhavan T. Venkataraman" <madvenka@linux.microsoft.com>

There are some kernel features and conditions that make a stack trace
unreliable. Callers may require the unwinder to detect these cases.
E.g., livepatch.

Introduce a new function called unwind_check_reliability() that will
detect these cases and set a flag in the stack frame. Call
unwind_check_reliability() for every frame in unwind().

Introduce the first reliability check in unwind_check_reliability() - If
a return PC is not a valid kernel text address, consider the stack
trace unreliable. It could be some generated code. Other reliability checks
will be added in the future.

Let unwind() return a boolean to indicate if the stack trace is
reliable.

Signed-off-by: Madhavan T. Venkataraman <madvenka@linux.microsoft.com>
Reviewed-by: Mark Brown <broonie@kernel.org>
---
 arch/arm64/include/asm/stacktrace.h |  3 +++
 arch/arm64/kernel/stacktrace.c      | 28 ++++++++++++++++++++++++++--
 2 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/include/asm/stacktrace.h b/arch/arm64/include/asm/stacktrace.h
index c11b048ffd0e..26eba9d7e5c7 100644
--- a/arch/arm64/include/asm/stacktrace.h
+++ b/arch/arm64/include/asm/stacktrace.h
@@ -57,6 +57,8 @@ struct stack_info {
  * @final_fp	 Pointer to the final frame.
  *
  * @failed:      Unwind failed.
+ *
+ * @reliable:    Stack trace is reliable.
  */
 struct unwind_state {
 	unsigned long fp;
@@ -70,6 +72,7 @@ struct unwind_state {
 	struct task_struct *task;
 	unsigned long final_fp;
 	bool failed;
+	bool reliable;
 };
 
 extern void dump_backtrace(struct pt_regs *regs, struct task_struct *tsk,
diff --git a/arch/arm64/kernel/stacktrace.c b/arch/arm64/kernel/stacktrace.c
index 73fc6b5ee6fd..3dc0374e83f7 100644
--- a/arch/arm64/kernel/stacktrace.c
+++ b/arch/arm64/kernel/stacktrace.c
@@ -18,6 +18,25 @@
 #include <asm/stack_pointer.h>
 #include <asm/stacktrace.h>
 
+/*
+ * Check the stack frame for conditions that make further unwinding unreliable.
+ */
+static void unwind_check_reliability(struct unwind_state *state)
+{
+	if (state->fp == state->final_fp) {
+		/* Final frame; no more unwind, no need to check reliability */
+		return;
+	}
+
+	/*
+	 * If the PC is not a known kernel text address, then we cannot
+	 * be sure that a subsequent unwind will be reliable, as we
+	 * don't know that the code follows our unwind requirements.
+	 */
+	if (!__kernel_text_address(state->pc))
+		state->reliable = false;
+}
+
 /*
  * AArch64 PCS assigns the frame pointer to x29.
  *
@@ -54,6 +73,7 @@ static void unwind_init_common(struct unwind_state *state,
 	state->prev_fp = 0;
 	state->prev_type = STACK_TYPE_UNKNOWN;
 	state->failed = false;
+	state->reliable = true;
 
 	/* Stack trace terminates here. */
 	state->final_fp = (unsigned long)task_pt_regs(task)->stackframe;
@@ -207,11 +227,15 @@ static void notrace unwind_next(struct unwind_state *state)
 }
 NOKPROBE_SYMBOL(unwind_next);
 
-static void notrace unwind(struct unwind_state *state,
+static bool notrace unwind(struct unwind_state *state,
 			   stack_trace_consume_fn consume_entry, void *cookie)
 {
-	while (unwind_continue(state, consume_entry, cookie))
+	unwind_check_reliability(state);
+	while (unwind_continue(state, consume_entry, cookie)) {
 		unwind_next(state);
+		unwind_check_reliability(state);
+	}
+	return !state->failed && state->reliable;
 }
 NOKPROBE_SYMBOL(unwind);
 
-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

  parent reply	other threads:[~2022-01-17 14:56 UTC|newest]

Thread overview: 150+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <95691cae4f4504f33d0fc9075541b1e7deefe96f>
2022-01-17 14:55 ` [PATCH v13 00/11] arm64: Reorganize the unwinder and implement stack trace reliability checks madvenka
2022-01-17 14:55   ` madvenka
2022-01-17 14:55   ` [PATCH v13 01/11] arm64: Remove NULL task check from unwind_frame() madvenka
2022-01-17 14:55     ` madvenka
2022-01-17 14:55   ` [PATCH v13 02/11] arm64: Rename unwinder functions madvenka
2022-01-17 14:55     ` madvenka
2022-01-17 14:56   ` [PATCH v13 03/11] arm64: Rename stackframe to unwind_state madvenka
2022-01-17 14:56     ` madvenka
2022-01-17 14:56   ` [PATCH v13 04/11] arm64: Split unwind_init() madvenka
2022-01-17 14:56     ` madvenka
2022-02-02 18:44     ` Mark Brown
2022-02-02 18:44       ` Mark Brown
2022-02-03  0:26       ` Madhavan T. Venkataraman
2022-02-03  0:26         ` Madhavan T. Venkataraman
2022-02-03  0:39         ` Madhavan T. Venkataraman
2022-02-03  0:39           ` Madhavan T. Venkataraman
2022-02-03 11:29           ` Mark Brown
2022-02-03 11:29             ` Mark Brown
2022-02-15 13:07     ` Mark Rutland
2022-02-15 13:07       ` Mark Rutland
2022-02-15 18:04       ` Madhavan T. Venkataraman
2022-02-15 18:04         ` Madhavan T. Venkataraman
2022-01-17 14:56   ` [PATCH v13 05/11] arm64: Copy the task argument to unwind_state madvenka
2022-01-17 14:56     ` madvenka
2022-02-02 18:45     ` Mark Brown
2022-02-02 18:45       ` Mark Brown
2022-02-15 13:22     ` Mark Rutland
2022-02-15 13:22       ` Mark Rutland
2022-02-22 16:53       ` Madhavan T. Venkataraman
2022-02-22 16:53         ` Madhavan T. Venkataraman
2022-01-17 14:56   ` [PATCH v13 06/11] arm64: Use stack_trace_consume_fn and rename args to unwind() madvenka
2022-01-17 14:56     ` madvenka
2022-02-02 18:46     ` Mark Brown
2022-02-02 18:46       ` Mark Brown
2022-02-03  0:34       ` Madhavan T. Venkataraman
2022-02-03  0:34         ` Madhavan T. Venkataraman
2022-02-03 11:30         ` Mark Brown
2022-02-03 11:30           ` Mark Brown
2022-02-03 14:45           ` Madhavan T. Venkataraman
2022-02-03 14:45             ` Madhavan T. Venkataraman
2022-02-15 13:39     ` Mark Rutland
2022-02-15 13:39       ` Mark Rutland
2022-02-15 18:12       ` Madhavan T. Venkataraman
2022-02-15 18:12         ` Madhavan T. Venkataraman
2022-03-07 16:51       ` Madhavan T. Venkataraman
2022-03-07 16:51         ` Madhavan T. Venkataraman
2022-03-07 17:01         ` Mark Brown
2022-03-07 17:01           ` Mark Brown
2022-03-08 22:00           ` Madhavan T. Venkataraman
2022-03-08 22:00             ` Madhavan T. Venkataraman
2022-03-09 11:47             ` Mark Brown
2022-03-09 11:47               ` Mark Brown
2022-03-09 15:34               ` Madhavan T. Venkataraman
2022-03-09 15:34                 ` Madhavan T. Venkataraman
2022-03-10  8:33               ` Miroslav Benes
2022-03-10  8:33                 ` Miroslav Benes
2022-03-10 12:36                 ` Madhavan T. Venkataraman
2022-03-10 12:36                   ` Madhavan T. Venkataraman
2022-03-16  3:43               ` Josh Poimboeuf
2022-03-16  3:43                 ` Josh Poimboeuf
2022-04-08 14:44         ` Mark Rutland
2022-04-08 14:44           ` Mark Rutland
2022-04-08 17:58           ` Mark Rutland
2022-04-08 17:58             ` Mark Rutland
2022-04-10 17:42             ` Madhavan T. Venkataraman
2022-04-10 17:42               ` Madhavan T. Venkataraman
2022-04-10 17:33           ` Madhavan T. Venkataraman
2022-04-10 17:33             ` Madhavan T. Venkataraman
2022-04-10 17:45           ` Madhavan T. Venkataraman
2022-04-10 17:45             ` Madhavan T. Venkataraman
2022-01-17 14:56   ` [PATCH v13 07/11] arm64: Make the unwind loop in unwind() similar to other architectures madvenka
2022-01-17 14:56     ` madvenka
2022-01-17 14:56   ` madvenka [this message]
2022-01-17 14:56     ` [PATCH v13 08/11] arm64: Introduce stack trace reliability checks in the unwinder madvenka
2022-01-17 14:56   ` [PATCH v13 09/11] arm64: Create a list of SYM_CODE functions, check return PC against list madvenka
2022-01-17 14:56     ` madvenka
2022-01-17 14:56   ` [PATCH v13 10/11] arm64: Introduce arch_stack_walk_reliable() madvenka
2022-01-17 14:56     ` madvenka
2022-01-17 14:56   ` [PATCH v13 11/11] arm64: Select HAVE_RELIABLE_STACKTRACE madvenka
2022-01-17 14:56     ` madvenka
2022-01-25  5:21     ` nobuta.keiya
2022-01-25  5:21       ` nobuta.keiya
2022-01-25 13:43       ` Madhavan T. Venkataraman
2022-01-25 13:43         ` Madhavan T. Venkataraman
2022-01-26 10:20         ` nobuta.keiya
2022-01-26 10:20           ` nobuta.keiya
2022-01-26 17:14           ` Madhavan T. Venkataraman
2022-01-26 17:14             ` Madhavan T. Venkataraman
2022-01-27  1:13             ` nobuta.keiya
2022-01-27  1:13               ` nobuta.keiya
2022-01-26 17:16       ` Mark Brown
2022-01-26 17:16         ` Mark Brown
2022-04-07 20:25 ` [RFC PATCH v1 0/9] arm64: livepatch: Use DWARF Call Frame Information for frame pointer validation madvenka
2022-04-07 20:25   ` madvenka
2022-04-07 20:25   ` [RFC PATCH v1 1/9] objtool: Parse DWARF Call Frame Information in object files madvenka
2022-04-07 20:25     ` madvenka
2022-04-07 20:25   ` [RFC PATCH v1 2/9] objtool: Generate DWARF rules and place them in a special section madvenka
2022-04-07 20:25     ` madvenka
2022-04-07 20:25   ` [RFC PATCH v1 3/9] dwarf: Build the kernel with DWARF information madvenka
2022-04-07 20:25     ` madvenka
2022-04-07 20:25   ` [RFC PATCH v1 4/9] dwarf: Implement DWARF rule processing in the kernel madvenka
2022-04-07 20:25     ` madvenka
2022-04-07 20:25   ` [RFC PATCH v1 5/9] dwarf: Implement DWARF support for modules madvenka
2022-04-07 20:25     ` madvenka
2022-04-07 20:25   ` [RFC PATCH v1 6/9] arm64: unwinder: Add a reliability check in the unwinder based on DWARF CFI madvenka
2022-04-07 20:25     ` madvenka
2022-04-07 20:25   ` [RFC PATCH v1 7/9] arm64: dwarf: Implement unwind hints madvenka
2022-04-07 20:25     ` madvenka
2022-04-07 20:25   ` [RFC PATCH v1 8/9] dwarf: Miscellaneous changes required for enabling livepatch madvenka
2022-04-07 20:25     ` madvenka
2022-04-07 20:25   ` [RFC PATCH v1 9/9] dwarf: Enable livepatch for ARM64 madvenka
2022-04-07 20:25     ` madvenka
2022-04-08  0:21   ` [RFC PATCH v1 0/9] arm64: livepatch: Use DWARF Call Frame Information for frame pointer validation Josh Poimboeuf
2022-04-08  0:21     ` Josh Poimboeuf
2022-04-08 11:41     ` Peter Zijlstra
2022-04-08 11:41       ` Peter Zijlstra
2022-04-11 17:26       ` Madhavan T. Venkataraman
2022-04-11 17:26         ` Madhavan T. Venkataraman
2022-04-11 17:18     ` Madhavan T. Venkataraman
2022-04-11 17:18       ` Madhavan T. Venkataraman
2022-04-12  8:32       ` Chen Zhongjin
2022-04-12  8:32         ` Chen Zhongjin
2022-04-16  0:56         ` Josh Poimboeuf
2022-04-16  0:56           ` Josh Poimboeuf
2022-04-18 12:28           ` Chen Zhongjin
2022-04-18 12:28             ` Chen Zhongjin
2022-04-18 16:11             ` Josh Poimboeuf
2022-04-18 16:11               ` Josh Poimboeuf
2022-04-18 18:38               ` Madhavan T. Venkataraman
2022-04-18 18:38                 ` Madhavan T. Venkataraman
     [not found]       ` <844b3ede-eddb-cbe6-80e0-3529e2da2eb6@huawei.com>
2022-04-12 17:27         ` Madhavan T. Venkataraman
2022-04-12 17:27           ` Madhavan T. Venkataraman
2022-04-16  1:07       ` Josh Poimboeuf
2022-04-16  1:07         ` Josh Poimboeuf
2022-04-14 14:11     ` Madhavan T. Venkataraman
2022-04-14 14:11       ` Madhavan T. Venkataraman
2022-04-08 10:55   ` Peter Zijlstra
2022-04-08 10:55     ` Peter Zijlstra
2022-04-08 11:54     ` Peter Zijlstra
2022-04-08 11:54       ` Peter Zijlstra
2022-04-08 14:34       ` Josh Poimboeuf
2022-04-08 14:34         ` Josh Poimboeuf
2022-04-10 17:47     ` Madhavan T. Venkataraman
2022-04-10 17:47       ` Madhavan T. Venkataraman
2022-04-11 16:34       ` Josh Poimboeuf
2022-04-11 16:34         ` Josh Poimboeuf
2022-04-08 12:06   ` Peter Zijlstra
2022-04-08 12:06     ` Peter Zijlstra
2022-04-11 17:35     ` Madhavan T. Venkataraman
2022-04-11 17:35       ` Madhavan T. Venkataraman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220117145608.6781-9-madvenka@linux.microsoft.com \
    --to=madvenka@linux.microsoft.com \
    --cc=ardb@kernel.org \
    --cc=broonie@kernel.org \
    --cc=catalin.marinas@arm.com \
    --cc=jmorris@namei.org \
    --cc=jpoimboe@redhat.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=live-patching@vger.kernel.org \
    --cc=mark.rutland@arm.com \
    --cc=nobuta.keiya@fujitsu.com \
    --cc=sjitindarsingh@gmail.com \
    --cc=will@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.