| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 28 Mar 2012 19:02:34 +0200 From: Jiri Olsa <jolsa@...hat.com> To: Frederic Weisbecker <fweisbec@...il.com> Cc: "Frank Ch. Eigler" <fche@...hat.com>, acme@...hat.com, a.p.zijlstra@...llo.nl, mingo@...e.hu, paulus@...ba.org, cjashfor@...ux.vnet.ibm.com, eranian@...gle.com, gorcunov@...nvz.org, tzanussi@...il.com, mhiramat@...hat.com, rostedt@...dmis.org, robert.richter@....com, linux-kernel@...r.kernel.org, mjw@...hat.com Subject: Re: [PATCH 04/15] perf: Add ability to dump user regs On Wed, Mar 28, 2012 at 06:06:13PM +0200, Frederic Weisbecker wrote: > On Wed, Mar 28, 2012 at 11:12:30AM -0400, Frank Ch. Eigler wrote: > > Hi, Jiri - > > > > > [...] > > > > [...] Upon a normal syscall entry to the kernel, not > > > > all user registers are saved explicitly for such easy retrieval. The > > > > others may be spilled to the stack by gcc during the various sys_* > > > > functions or elsewhere. [...] > > > > > > Are you reffering to x86_64 where only portion of registers > > > is stored by SAVE_ARGS macro? Seems like 32 bits stores the > > > whole pt_regs. > > > > I believe that's the right area. I'm not sure even the 32-bit variant > > is complete enough, for example exempting MMX/SSE registers. These > > may also contain spilled registers before long. > > > > > > > Generally you could need all the registers to start the unwind, but > > > I was assuming that for most cases the stack pointer and instruction > > > pointer should be enough.. but I might be wrong here. > > > > Yeah; the question is how much is missed besides those "most cases". > > > > > > > > To recover these registers at run time, we found that the kernel > > > > stack itself has to be partially unwound [... Without that, it ...] > > > > may accidentally pass garbage data to perf userspace. Correcting > > > > this could require a kernel-space libunwind. > > > > > AFAIK not going to happen any time soon ;) > > > > Understood. Then the code needs to ensure that it does not purport to > > pass register values that it does not know. (Back when we were at > > this stage in systemtap, we got some reasonable backtraces even > > without kernel unwinding, ie. tolerating missing registers.) > > Right. > > I think in normal syscall case we save rdi, rsi, rdx, rax and rip. > If we take the syscall slow path we save rbx, rbp, r12-15. > > Unfortunately we don't save rsp, which must be the most important > for cfi unwinding. hm, I think we always have stack pointer should be saved by cpu itself together with other control regs like: ip cs eflags sp ss For syscalls, we also have the ones stored by SAVE_ARGS The rest of the registers (SAVE_REST) are available only for the sake of the syscall_trace_enter during the slow path, but it's poped out before executing the actuall syscall. jirka > > We probably need to check what is saved in irqs (set_irq_regs()) > and exceptions as well. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists