[PATCH] unwinder: more sanity checks in Dwarf2 unwinder
Tighten the requirements on both input to and output from the Dwarf2 unwinder. Signed-off-by: Jan Beulich <jbeulich@novell.com> Signed-off-by: Andi Kleen <ak@suse.de>
This commit is contained in:
parent
eef5e0d185
commit
359ad0d401
5 changed files with 35 additions and 15 deletions
@ -161,12 +161,19 @@ dump_trace_unwind(struct unwind_frame_info *info, void *data)
|
||||||
{
|
{
|
||||||
struct ops_and_data *oad = (struct ops_and_data *)data;
|
struct ops_and_data *oad = (struct ops_and_data *)data;
|
||||||
int n = 0;
|
int n = 0;
|
||||||
|
unsigned long sp = UNW_SP(info);
|
||||||
|
|
||||||
|
if (arch_unw_user_mode(info))
|
||||||
|
return -1;
|
||||||
while (unwind(info) == 0 && UNW_PC(info)) {
|
while (unwind(info) == 0 && UNW_PC(info)) {
|
||||||
n++;
|
n++;
|
||||||
oad->ops->address(oad->data, UNW_PC(info));
|
oad->ops->address(oad->data, UNW_PC(info));
|
||||||
if (arch_unw_user_mode(info))
|
if (arch_unw_user_mode(info))
|
||||||
break;
|
break;
|
||||||
|
if ((sp & ~(PAGE_SIZE - 1)) == (UNW_SP(info) & ~(PAGE_SIZE - 1))
|
||||||
|
&& sp > UNW_SP(info))
|
||||||
|
break;
|
||||||
|
sp = UNW_SP(info);
|
||||||
}
|
}
|
||||||
return n;
|
return n;
|
||||||
}
|
}
|
||||||
|
|
|
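Review bot: The new same-page stack-regression test `if ((sp & ~(PAGE_SIZE - 1)) == (UNW_SP(info) & ~(PAGE_SIZE - 1)) && sp > UNW_SP(info)) break;` runs after `n++` and `oad->ops->address(oad->data, UNW_PC(info));`, so the frame it rejects has already been counted and reported before the loop stops; placing the comparison at the top of the loop body, ahead of `n++`, and leaving `sp = UNW_SP(info);` at the end would keep the suspect frame out of the trace. The test also only rejects a stack pointer that moves down within the same page, so a drop to a lower page passes — presumably deliberate for stack switches, which deserves a comment such as `/* sp may only move up within a page; a page change is taken to be a stack switch */`. The new `return -1;` for an initial user-mode frame shares the return channel with the frame count `n`; the callers of dump_trace_unwind are outside this hunk and must distinguish the two. The x86_64 copy in the following hunk has the same ordering and the same undocumented page rule.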
@ -225,12 +225,19 @@ static int dump_trace_unwind(struct unwind_frame_info *info, void *context)
|
||||||
{
|
{
|
||||||
struct ops_and_data *oad = (struct ops_and_data *)context;
|
struct ops_and_data *oad = (struct ops_and_data *)context;
|
||||||
int n = 0;
|
int n = 0;
|
||||||
|
unsigned long sp = UNW_SP(info);
|
||||||
|
|
||||||
|
if (arch_unw_user_mode(info))
|
||||||
|
return -1;
|
||||||
while (unwind(info) == 0 && UNW_PC(info)) {
|
while (unwind(info) == 0 && UNW_PC(info)) {
|
||||||
n++;
|
n++;
|
||||||
oad->ops->address(oad->data, UNW_PC(info));
|
oad->ops->address(oad->data, UNW_PC(info));
|
||||||
if (arch_unw_user_mode(info))
|
if (arch_unw_user_mode(info))
|
||||||
break;
|
break;
|
||||||
|
if ((sp & ~(PAGE_SIZE - 1)) == (UNW_SP(info) & ~(PAGE_SIZE - 1))
|
||||||
|
&& sp > UNW_SP(info))
|
||||||
|
break;
|
||||||
|
sp = UNW_SP(info);
|
||||||
}
|
}
|
||||||
return n;
|
return n;
|
||||||
}
|
}
|
||||||
|
|
|
@ -79,17 +79,13 @@ extern asmlinkage int arch_unwind_init_running(struct unwind_frame_info *,
|
||||||
void *arg),
|
void *arg),
|
||||||
void *arg);
|
void *arg);
|
||||||
|
|
||||||
static inline int arch_unw_user_mode(const struct unwind_frame_info *info)
|
static inline int arch_unw_user_mode(/*const*/ struct unwind_frame_info *info)
|
||||||
{
|
{
|
||||||
#if 0 /* This can only work when selector register and EFLAGS saves/restores
|
return user_mode_vm(&info->regs)
|
||||||
are properly annotated (and tracked in UNW_REGISTER_INFO). */
|
|| info->regs.eip < PAGE_OFFSET
|
||||||
return user_mode_vm(&info->regs);
|
|
||||||
#else
|
|
||||||
return info->regs.eip < PAGE_OFFSET
|
|
||||||
|| (info->regs.eip >= __fix_to_virt(FIX_VDSO)
|
|| (info->regs.eip >= __fix_to_virt(FIX_VDSO)
|
||||||
&& info->regs.eip < __fix_to_virt(FIX_VDSO) + PAGE_SIZE)
|
&& info->regs.eip < __fix_to_virt(FIX_VDSO) + PAGE_SIZE)
|
||||||
|| info->regs.esp < PAGE_OFFSET;
|
|| info->regs.esp < PAGE_OFFSET;
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#else
|
#else
|
||||||
|
|
|
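Review bot: The reasoning in the deleted `#if 0` comment — that the selector-register and EFLAGS saves/restores are not yet annotated in UNW_REGISTER_INFO — is lost, yet the new body still keeps the eip/esp address-range tests next to `user_mode_vm(&info->regs)`, so a reader cannot tell why the segment-based test alone is not trusted. Suggest restoring that reasoning as a comment above the return, along the lines of `/* user_mode_vm() alone is unreliable until selector/EFLAGS saves are annotated; also test eip/esp against PAGE_OFFSET and the vDSO page */`. The `/*const*/` left in the parameter list looks like it was dropped to satisfy a non-const `struct pt_regs *` argument of user_mode_vm(); if so, a short comment saying that would stop someone re-adding the qualifier. The x86_64 variant in the next hunk loses the same explanation and would benefit from the same comment.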
@ -87,14 +87,10 @@ extern int arch_unwind_init_running(struct unwind_frame_info *,
|
||||||
|
|
||||||
static inline int arch_unw_user_mode(const struct unwind_frame_info *info)
|
static inline int arch_unw_user_mode(const struct unwind_frame_info *info)
|
||||||
{
|
{
|
||||||
#if 0 /* This can only work when selector register saves/restores
|
return user_mode(&info->regs)
|
||||||
are properly annotated (and tracked in UNW_REGISTER_INFO). */
|
|| (long)info->regs.rip >= 0
|
||||||
return user_mode(&info->regs);
|
|
||||||
#else
|
|
||||||
return (long)info->regs.rip >= 0
|
|
||||||
|| (info->regs.rip >= VSYSCALL_START && info->regs.rip < VSYSCALL_END)
|
|| (info->regs.rip >= VSYSCALL_START && info->regs.rip < VSYSCALL_END)
|
||||||
|| (long)info->regs.rsp >= 0;
|
|| (long)info->regs.rsp >= 0;
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#else
|
#else
|
||||||
|
|
|
@ -95,6 +95,7 @@ static const struct {
|
||||||
|
|
||||||
typedef unsigned long uleb128_t;
|
typedef unsigned long uleb128_t;
|
||||||
typedef signed long sleb128_t;
|
typedef signed long sleb128_t;
|
||||||
|
#define sleb128abs __builtin_labs
|
||||||
|
|
||||||
static struct unwind_table {
|
static struct unwind_table {
|
||||||
struct {
|
struct {
|
||||||
|
@ -787,7 +788,7 @@ int unwind(struct unwind_frame_info *frame)
|
||||||
#define FRAME_REG(r, t) (((t *)frame)[reg_info[r].offs])
|
#define FRAME_REG(r, t) (((t *)frame)[reg_info[r].offs])
|
||||||
const u32 *fde = NULL, *cie = NULL;
|
const u32 *fde = NULL, *cie = NULL;
|
||||||
const u8 *ptr = NULL, *end = NULL;
|
const u8 *ptr = NULL, *end = NULL;
|
||||||
unsigned long pc = UNW_PC(frame) - frame->call_frame;
|
unsigned long pc = UNW_PC(frame) - frame->call_frame, sp;
|
||||||
unsigned long startLoc = 0, endLoc = 0, cfa;
|
unsigned long startLoc = 0, endLoc = 0, cfa;
|
||||||
unsigned i;
|
unsigned i;
|
||||||
signed ptrType = -1;
|
signed ptrType = -1;
|
||||||
|
@ -936,6 +937,9 @@ int unwind(struct unwind_frame_info *frame)
|
||||||
state.dataAlign = get_sleb128(&ptr, end);
|
state.dataAlign = get_sleb128(&ptr, end);
|
||||||
if (state.codeAlign == 0 || state.dataAlign == 0 || ptr >= end)
|
if (state.codeAlign == 0 || state.dataAlign == 0 || ptr >= end)
|
||||||
cie = NULL;
|
cie = NULL;
|
||||||
|
else if (UNW_PC(frame) % state.codeAlign
|
||||||
|
|| UNW_SP(frame) % sleb128abs(state.dataAlign))
|
||||||
|
return -EPERM;
|
||||||
else {
|
else {
|
||||||
retAddrReg = state.version <= 1 ? *ptr++ : get_uleb128(&ptr, end);
|
retAddrReg = state.version <= 1 ? *ptr++ : get_uleb128(&ptr, end);
|
||||||
/* skip augmentation */
|
/* skip augmentation */
|
||||||
|
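Review bot: The new alignment check returns -EPERM while the other sanity failures in unwind() (the existing `return -EIO;` in the `state.cfa` validation and the new final check) return -EIO; the split only makes sense with the commit message in hand, so a comment at the new return would help, e.g. `/* -EPERM: the caller's input frame violates the CIE alignment; -EIO is kept for a bad unwind result */`. `UNW_SP(frame) % sleb128abs(state.dataAlign)` expands to `__builtin_labs`, whose result is undefined for the most negative long, and the preceding `state.dataAlign == 0` test does not exclude that value; whether get_sleb128() already bounds the decoded value is not visible here, so a magnitude check may be warranted if the table data is not fully trusted. The body of unwind() starts and ends outside the hunk.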
@ -968,6 +972,8 @@ int unwind(struct unwind_frame_info *frame)
|
||||||
#ifdef CONFIG_FRAME_POINTER
|
#ifdef CONFIG_FRAME_POINTER
|
||||||
unsigned long top, bottom;
|
unsigned long top, bottom;
|
||||||
|
|
||||||
|
if ((UNW_SP(frame) | UNW_FP(frame)) % sizeof(unsigned long))
|
||||||
|
return -EPERM;
|
||||||
top = STACK_TOP(frame->task);
|
top = STACK_TOP(frame->task);
|
||||||
bottom = STACK_BOTTOM(frame->task);
|
bottom = STACK_BOTTOM(frame->task);
|
||||||
# if FRAME_RETADDR_OFFSET < 0
|
# if FRAME_RETADDR_OFFSET < 0
|
||||||
|
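Review bot: `if ((UNW_SP(frame) | UNW_FP(frame)) % sizeof(unsigned long))` is correct but the OR trick is easy to misread as testing only one register or their sum; a comment `/* both sp and fp must be word-aligned before the frame chain is trusted */` makes the intent explicit. The check sits inside `#ifdef CONFIG_FRAME_POINTER` ahead of the `top`/`bottom` computation, so a misaligned frame is rejected before the range test, which is the right order. This fallback path of unwind() begins and ends outside the hunk.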
@ -1018,6 +1024,7 @@ int unwind(struct unwind_frame_info *frame)
|
||||||
|| state.regs[retAddrReg].where == Nowhere
|
|| state.regs[retAddrReg].where == Nowhere
|
||||||
|| state.cfa.reg >= ARRAY_SIZE(reg_info)
|
|| state.cfa.reg >= ARRAY_SIZE(reg_info)
|
||||||
|| reg_info[state.cfa.reg].width != sizeof(unsigned long)
|
|| reg_info[state.cfa.reg].width != sizeof(unsigned long)
|
||||||
|
|| FRAME_REG(state.cfa.reg, unsigned long) % sizeof(unsigned long)
|
||||||
|| state.cfa.offs % sizeof(unsigned long))
|
|| state.cfa.offs % sizeof(unsigned long))
|
||||||
return -EIO;
|
return -EIO;
|
||||||
/* update frame */
|
/* update frame */
|
||||||
|
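Review bot: The added term `|| FRAME_REG(state.cfa.reg, unsigned long) % sizeof(unsigned long)` indexes `reg_info[state.cfa.reg]` and is only safe because `|| state.cfa.reg >= ARRAY_SIZE(reg_info)` two lines earlier short-circuits first; that ordering dependency is invisible in the expression and should be recorded, e.g. `/* cfa.reg is range-checked above; keep this term after it */`. The width term immediately before it already excludes registers narrower than `unsigned long`, so the read itself is fine. The opening `if (` of this condition is outside the hunk.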
@ -1038,6 +1045,8 @@ int unwind(struct unwind_frame_info *frame)
|
||||||
#else
|
#else
|
||||||
# define CASES CASE(8); CASE(16); CASE(32); CASE(64)
|
# define CASES CASE(8); CASE(16); CASE(32); CASE(64)
|
||||||
#endif
|
#endif
|
||||||
|
pc = UNW_PC(frame);
|
||||||
|
sp = UNW_SP(frame);
|
||||||
for (i = 0; i < ARRAY_SIZE(state.regs); ++i) {
|
for (i = 0; i < ARRAY_SIZE(state.regs); ++i) {
|
||||||
if (REG_INVALID(i)) {
|
if (REG_INVALID(i)) {
|
||||||
if (state.regs[i].where == Nowhere)
|
if (state.regs[i].where == Nowhere)
|
||||||
|
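Review bot: `pc = UNW_PC(frame);` reuses a variable whose declaration earlier in unwind() initialises it to `UNW_PC(frame) - frame->call_frame` for the FDE lookup; from here on it carries the unadjusted PC for the no-progress test, while `sp` was introduced fresh for the same purpose. Either a distinct name for the snapshot or a comment `/* snapshot pre-update pc/sp for the progress check after the register loop */` would keep a reader from assuming `pc` still holds the call-frame-adjusted value. I cannot see from this hunk whether the adjusted value is needed after this point. The register-update loop continues outside the hunk.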
@ -1118,6 +1127,11 @@ int unwind(struct unwind_frame_info *frame)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (UNW_PC(frame) % state.codeAlign
|
||||||
|
|| UNW_SP(frame) % sleb128abs(state.dataAlign)
|
||||||
|
|| (pc == UNW_PC(frame) && sp == UNW_SP(frame)))
|
||||||
|
return -EIO;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
#undef CASES
|
#undef CASES
|
||||||
#undef FRAME_REG
|
#undef FRAME_REG
|
||||||
|
|
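Review bot: The new progress test `|| (pc == UNW_PC(frame) && sp == UNW_SP(frame))` only rejects a frame identical to its predecessor, so it stops a one-frame loop but not a longer cycle or a frame whose stack pointer moves downward; the callers in this patch add their own stack-direction test for that, which the comment here should make explicit, e.g. `/* no change at all means bad tables or a corrupt frame; callers must still bound their loops */`. Returning -EIO here is consistent with the -EIO/-EPERM split used elsewhere in the patch, where -EPERM marks a bad input frame. The closing brace of unwind() is outside the hunk.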