From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-13.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 42043C43457 for ; Mon, 12 Oct 2020 17:32:52 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id EB67B20797 for ; Mon, 12 Oct 2020 17:32:51 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="U8AGp5kb"; dkim=fail reason="signature verification failed" (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="S0L4engg" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EB67B20797 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=FzwDZ4uxeCOFoZuVs7tNIWdA598EWSyZ5AeZaKDI6Ok=; b=U8AGp5kbMAXRQreVnx6ET0VI5 2XQTatJIqgw8qcLDPO5dCk00ZaMZaNWCgZM5N/PQKBj56QjQ0+fEM8VigeqOhCaidycmgPxPnFLaK d7+r0l4O/a6+3FhOy+zVH+NOKb8bvBlLIvBbvRb2kdMlOtNuPBdAZtl0IIK9Up2IRF5ZNXjjdTNI5 LSwBsPrIDY2VItqmvSMh44eJoe+09N/4AY/fQrSvRKDWF8cRRXUBGVwZBUwKoJX+grMPS45+nw6Qy Limj4zU2c3zpzR2h92dvPQosSQbf7VRc3/GzkIOaA5u+/iq13nFoZ6ejK2/caxH10+D5OtAUI9vKu BOx3waoZw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kS1fT-0006qw-HX; Mon, 12 Oct 2020 17:31:27 +0000 Received: from mail.kernel.org ([198.145.29.99]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1kS1fP-0006py-V8 for linux-arm-kernel@lists.infradead.org; Mon, 12 Oct 2020 17:31:25 +0000 Received: from localhost (fw-tnat.cambridge.arm.com [217.140.96.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id DE01E2087E; Mon, 12 Oct 2020 17:31:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1602523883; bh=b+twsSMUHx8WgFOfcUZlhlhdYqSOdTLY1aIc6AB/lD4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=S0L4enggBl5OR11padAA7x651TLkB1f1N3AQdQwc1PlSWcoixU/DrmszitvvNkVId 68bwNIWWDfP6LTAo1mslyA9d04oXRGs1EQ20zdu3SGklIXZqmPIbzIa91KwgWg25Mf drwHdJvucS0icZcPzCMVkh6d9SFdg/GqXzQsYUnM= From: Mark Brown To: Catalin Marinas , Will Deacon Subject: [RFC PATCH 3/3] arm64: stacktrace: Implement reliable stacktrace Date: Mon, 12 Oct 2020 18:26:05 +0100 Message-Id: <20201012172605.10715-4-broonie@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20201012172605.10715-1-broonie@kernel.org> References: <20201012172605.10715-1-broonie@kernel.org> MIME-Version: 1.0 X-Patch-Hashes: v=1; h=sha256; g=f9b5732b949e66eec2aa6e9395a754634de1e177; i=Lw08y8IBkXv48W9lfDeXaKNLBNIWCWci4kcJkkrSRRQ=; m=JhynlXtDM26KR8FJAHzKjorSH4XBIz0JE0/qIrEp23w=; p=qOi/eKy0AbeP03Vb9smH88fgZ5csg+rW0VaHNytXKA8= X-Patch-Sig: m=pgp; i=broonie@kernel.org; s=0xC3F436CA30F5D8EB; b=iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAl+EkSkACgkQJNaLcl1Uh9AB8ggAgxI a54GlL35EvNtv1QK3xa+lr6QRNG3lINZbmkPYkEvITty/5mpuO9WKp21xSBdSjUGWZSNEUcQx8/6j 8RS8yTSGOjFV3C8rxO3mbIYJaZ9aspJcHbNiED77h6ZhKv+xDKaspimpLxlpyfUYw4Maerdc9yk2h 3F24kcLo2JkgrB4WACrYV+kx05C2u6XBcCvuTyG3i/mLJGgEAlu/6AqnGWrrnk1K0UgtJ9+NqDCRd GUhgQ5Txp/ZDIyWc4Rps6oP6nHoSBqPZrO8KAYL1s49wEH43LPFN4K2r3xAM4lE+py4C67CQqgVtu FXCEnzos3elEMqKJH7iAPu9X7eOOCRQ== X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201012_133124_566054_B4E6185E X-CRM114-Status: GOOD ( 18.77 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Mark Rutland , Mark Brown , Miroslav Benes , linux-arm-kernel@lists.infradead.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Live patching has a consistency model which requires that the architecture provide a reliable stack trace interface which specifically indicates that the stack has been fully walked and that it is reliable and consistent. This is done by providing arch_stack_walk_reliable(), a variant of arch_stack_walk() which should verify that the stack has these properties and return an error if not. The arm64 unwinder is already reasonably thorough in verifying the stack as it walks it and reports errors but we additionally check that we do not see any kretprobe trampolines on the stack. Since the unwinder is able to resolve function graph tracer probes transparently we do not reject those. Signed-off-by: Mark Brown --- arch/arm64/Kconfig | 1 + arch/arm64/kernel/stacktrace.c | 42 ++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index d1ba52e4b976..026f69515a86 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -174,6 +174,7 @@ config ARM64 select HAVE_FUNCTION_ARG_ACCESS_API select HAVE_FUTEX_CMPXCHG if FUTEX select MMU_GATHER_RCU_TABLE_FREE + select HAVE_RELIABLE_STACKTRACE select HAVE_RSEQ select HAVE_STACKPROTECTOR select HAVE_SYSCALL_TRACEPOINTS diff --git a/arch/arm64/kernel/stacktrace.c b/arch/arm64/kernel/stacktrace.c index ad20981dfda4..795b2c14481d 100644 --- a/arch/arm64/kernel/stacktrace.c +++ b/arch/arm64/kernel/stacktrace.c @@ -14,6 +14,7 @@ #include #include +#include #include #include #include @@ -212,4 +213,45 @@ void arch_stack_walk(stack_trace_consume_fn consume_entry, void *cookie, walk_stackframe(task, &frame, consume_entry, cookie); } +/* + * This function returns an error if it detects any unreliable features of the + * stack. Otherwise it guarantees that the stack trace is reliable. + * + * If the task is not 'current', the caller *must* ensure the task is inactive. + */ +int arch_stack_walk_reliable(stack_trace_consume_fn consume_entry, + void *cookie, struct task_struct *task) +{ + struct stackframe frame; + + if (task == current) + start_backtrace(&frame, + (unsigned long)__builtin_frame_address(0), + (unsigned long)arch_stack_walk_reliable); + else + start_backtrace(&frame, thread_saved_fp(task), + thread_saved_pc(task)); + + while (1) { + int ret; + +#ifdef CONFIG_KPROBES + /* + * Mark stacktraces with kretprobed functions on them + * as unreliable. + */ + if (frame.pc == (unsigned long)kretprobe_trampoline) + return -EINVAL; +#endif + + if (!consume_entry(cookie, frame.pc)) + return -EINVAL; + ret = unwind_frame(task, &frame); + if (ret == -ENOENT) + return 0; + if (ret < 0) + return ret; + } +} + #endif -- 2.20.1 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel