| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <mhng-c42cbd7f-4935-4d16-9150-5504fd06aedd@palmer-mbp2014>
Date: Thu, 21 Jul 2022 17:11:06 -0700 (PDT)
From: Palmer Dabbelt <palmer@...belt.com>
To: xianting.tian@...ux.alibaba.com
CC: Paul Walmsley <paul.walmsley@...ive.com>, aou@...s.berkeley.edu,
wangkefeng.wang@...wei.com, philipp.tomsich@...ll.eu,
ebiederm@...ssion.com, heiko@...ech.de, vitaly.wool@...sulko.com,
tongtiangen@...wei.com, guoren@...nel.org,
linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
xianting.tian@...ux.alibaba.com
Subject: Re: [RESEND PATCH v2] RISC-V: Add fast call path of crash_kexec()
On Mon, 06 Jun 2022 01:23:08 PDT (-0700), xianting.tian@...ux.alibaba.com wrote:
> Currently, almost all archs (x86, arm64, mips...) support fast call
> of crash_kexec() when "regs && kexec_should_crash()" is true. But
> RISC-V not, it can only enter crash system via panic(). However panic()
> doesn't pass the regs of the real accident scene to crash_kexec(),
> it caused we can't get accurate backtrace via gdb,
> $ riscv64-linux-gnu-gdb vmlinux vmcore
> Reading symbols from vmlinux...
> [New LWP 95]
> #0 console_unlock () at kernel/printk/printk.c:2557
> 2557 if (do_cond_resched)
> (gdb) bt
> #0 console_unlock () at kernel/printk/printk.c:2557
> #1 0x0000000000000000 in ?? ()
>
> With the patch we can get the accurate backtrace,
> $ riscv64-linux-gnu-gdb vmlinux vmcore
> Reading symbols from vmlinux...
> [New LWP 95]
> #0 0xffffffe00063a4e0 in test_thread (data=<optimized out>) at drivers/test_crash.c:81
> 81 *(int *)p = 0xdead;
> (gdb)
> (gdb) bt
> #0 0xffffffe00064d5c0 in test_thread (data=<optimized out>) at drivers/test_crash.c:81
> #1 0x0000000000000000 in ?? ()
>
> Test code to produce NULL address dereference in test_crash.c,
> void *p = NULL;
> *(int *)p = 0xdead;
>
> Reviewed-by: Guo Ren <guoren@...nel.org>
> Tested-by: Xianting Tian <xianting.tian@...ux.alibaba.com>
> Signed-off-by: Xianting Tian <xianting.tian@...ux.alibaba.com>
> ---
> Changes from v1:
> - simplify the commit message
> ---
> arch/riscv/kernel/traps.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c
> index fe92e119e6a3..e666ebfa2a64 100644
> --- a/arch/riscv/kernel/traps.c
> +++ b/arch/riscv/kernel/traps.c
> @@ -16,6 +16,7 @@
> #include <linux/mm.h>
> #include <linux/module.h>
> #include <linux/irq.h>
> +#include <linux/kexec.h>
>
> #include <asm/asm-prototypes.h>
> #include <asm/bug.h>
> @@ -44,6 +45,9 @@ void die(struct pt_regs *regs, const char *str)
>
> ret = notify_die(DIE_OOPS, str, regs, 0, regs->cause, SIGSEGV);
>
> + if (regs && kexec_should_crash(current))
> + crash_kexec(regs);
> +
> bust_spinlocks(0);
> add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE);
> spin_unlock_irq(&die_lock);
Thanks, this is on for-next.
Powered by blists - more mailing lists