From: Stas Sergeev <stsp@aknet.ru>
To: Andrew Morton <akpm@osdl.org>
Cc: petkov@uni-muenster.de, jamagallon@able.es, linux-kernel@vger.kernel.org
Subject: [patch 3/3]: fix BAD_SYSCALL_EXIT lockup
Date: Tue, 12 Apr 2005 23:54:15 +0400
Message-ID: <425C2767.6080603@aknet.ru>
In-Reply-To: <20050411212712.0dbd821d.akpm@osdl.org>
Hello.
CONFIG_TRAP_BAD_SYSCALL_EXITS forgets to do
GET_THREAD_INFO(%ebp) before accessing the
TI_preempt_count(%ebp). This leads to
accesses to random addresses and kills
the machine. Also "int $3" does nothing good
by itself (it would just Oops AFAICS). And
it is misplaced, too. Obviously it never worked.
The attached patch moves the check to the
right place (to the syscall_exit path) and
replaces the "int $3" by the call to the
helper function that only prints some debug
info and doesn't crash the system.
This fully solves the reported problem.
Signed-off-by: Stas Sergeev <stsp@aknet.ru>
[-- Attachment #2: kgdbfix2.diff --]
--- linux/arch/i386/kernel/entry.S 2005-04-12 09:47:38.000000000 +0400
+++ linux/arch/i386/kernel/entry.S 2005-04-12 11:51:49.000000000 +0400
@@ -253,24 +253,15 @@
cli # make sure we don't miss an interrupt
# setting need_resched or sigpending
# between sampling and the iret
+#ifdef CONFIG_TRAP_BAD_SYSCALL_EXITS
+ movl %esp, %eax # pt_regs pointer
+ call sys_call_exit
+#endif
movl TI_flags(%ebp), %ecx
testw $_TIF_ALLWORK_MASK, %cx # current->work
jne syscall_exit_work
restore_all:
-#ifdef CONFIG_TRAP_BAD_SYSCALL_EXITS
- movl EFLAGS(%esp), %eax # mix EFLAGS and CS
- movb CS(%esp), %al
- testl $(VM_MASK | 3), %eax
- jz resume_kernelX # returning to kernel or vm86-space
-
- cmpl $0,TI_preempt_count(%ebp) # non-zero preempt_count ?
- jz resume_kernelX
-
- int $3
-
-resume_kernelX:
-#endif
movl EFLAGS(%esp), %eax # mix EFLAGS, SS and CS
movb OLDSS(%esp), %ah
movb CS(%esp), %al
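Review bot: the new `call sys_call_exit` sits between the `cli` and the `movl TI_flags(%ebp), %ecx` sampling, so the helper (and its printk) now runs with interrupts disabled; that is acceptable for a debug-only option, but the comment on the `cli` ("between sampling and the iret") no longer describes everything in that window, so consider extending it. The call passes the pt_regs pointer in %eax, which only matches a `fastcall` callee (the kgdb_stub.c hunk does declare it so); %ebp is callee-saved, so the thread_info pointer used by the following `TI_flags(%ebp)` load survives the call, while %eax/%ecx/%edx do not, which is fine here since nothing live is in them. It would also help to state in the changelog that the removed `testl $(VM_MASK | 3), %eax` return-to-kernel check is dropped deliberately because syscall_exit is only reached when returning to user space, whereas restore_all is shared with the interrupt/exception return path.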
--- linux/arch/i386/kernel/kgdb_stub.c 2005-04-12 09:47:38.000000000 +0400
+++ linux/arch/i386/kernel/kgdb_stub.c 2005-04-12 13:23:57.000000000 +0400
@@ -2135,18 +2135,16 @@
#endif
#undef regs
#ifdef CONFIG_TRAP_BAD_SYSCALL_EXITS
-asmlinkage void
-bad_sys_call_exit(int stuff)
+fastcall void sys_call_exit(struct pt_regs *regs)
{
- struct pt_regs *regs = (struct pt_regs *) &stuff;
- printk("Sys call %d return with %x preempt_count\n",
- (int) regs->orig_eax, preempt_count());
+ if (preempt_count())
+ printk("Sys call %d return with %x preempt_count\n",
+ (int) regs->orig_eax, preempt_count());
}
#endif
#ifdef CONFIG_STACK_OVERFLOW_TEST
#include <asm/kgdb.h>
-asmlinkage void
-stack_overflow(void)
+fastcall void stack_overflow(void)
{
#ifdef BREAKPOINT
BREAKPOINT;
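Review bot: renaming `bad_sys_call_exit` to `sys_call_exit` and changing it from `asmlinkage` to `fastcall` alters both the symbol and the calling convention, and this diff touches no header, so please confirm no other declaration or caller of the old name remains (a stale prototype would silently mismatch the `%eax`-passed pt_regs pointer). The printk fires on every syscall return while `preempt_count()` is non-zero, so a persistent imbalance floods the log; guarding it as `if (preempt_count() && printk_ratelimit())` keeps the diagnostic readable. The matching `fastcall` change to `stack_overflow(void)` is ABI-neutral since it takes no arguments, but its assembly caller is not shown here, so the same "no other declaration" check applies.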