From c32c47c68a0ae701088c5b2c3798856ed16746ae Mon Sep 17 00:00:00 2001 From: Josh Poimboeuf Date: Wed, 26 Oct 2016 10:41:48 -0500 Subject: [PATCH] x86/unwind: Warn on bad frame pointer Detect situations in the unwinder where the frame pointer refers to a bad address, and print an appropriate warning. Use printk_deferred_once() because the unwinder can be called with the console lock by lockdep via save_stack_trace(). Signed-off-by: Josh Poimboeuf Cc: Andy Lutomirski Cc: Borislav Petkov Cc: Brian Gerst Cc: Denys Vlasenko Cc: H. Peter Anvin Cc: Linus Torvalds Cc: Peter Zijlstra Cc: Thomas Gleixner Link: http://lkml.kernel.org/r/03c888f6f7414d54fa56b393ea25482be6899b5f.1477496147.git.jpoimboe@redhat.com Signed-off-by: Ingo Molnar --- arch/x86/kernel/unwind_frame.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/unwind_frame.c b/arch/x86/kernel/unwind_frame.c index 579542736b7e..9be9a8f8c5df 100644 --- a/arch/x86/kernel/unwind_frame.c +++ b/arch/x86/kernel/unwind_frame.c @@ -123,8 +123,17 @@ bool unwind_next_frame(struct unwind_state *state) } /* make sure the next frame's data is accessible */ - if (!update_stack_state(state, next_frame, next_len)) - return false; + if (!update_stack_state(state, next_frame, next_len)) { + /* + * Don't warn on bad regs->bp. An interrupt in entry code + * might cause a false positive warning. + */ + if (state->regs) + goto the_end; + + goto bad_address; + } + /* move to the next frame */ if (regs) { state->regs = regs; @@ -136,6 +145,11 @@ bool unwind_next_frame(struct unwind_state *state) return true; +bad_address: + printk_deferred_once(KERN_WARNING + "WARNING: kernel stack frame pointer at %p in %s:%d has bad value %p\n", + state->bp, state->task->comm, + state->task->pid, next_bp); the_end: state->stack_info.type = STACK_TYPE_UNKNOWN; return false; -- 2.20.1