[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20250828115128.25f7b171@gandalf.local.home>
Date: Thu, 28 Aug 2025 11:51:28 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: "Liam R. Howlett" <Liam.Howlett@...cle.com>
Cc: Steven Rostedt <rostedt@...nel.org>, linux-kernel@...r.kernel.org,
linux-trace-kernel@...r.kernel.org, bpf@...r.kernel.org, x86@...nel.org,
Masami Hiramatsu <mhiramat@...nel.org>, Mathieu Desnoyers
<mathieu.desnoyers@...icios.com>, Josh Poimboeuf <jpoimboe@...nel.org>,
Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...nel.org>, Jiri
Olsa <jolsa@...nel.org>, Arnaldo Carvalho de Melo <acme@...nel.org>,
Namhyung Kim <namhyung@...nel.org>, Thomas Gleixner <tglx@...utronix.de>,
Andrii Nakryiko <andrii@...nel.org>, Indu Bhagat <indu.bhagat@...cle.com>,
"Jose E. Marchesi" <jemarch@....org>, Beau Belgrave
<beaub@...ux.microsoft.com>, Jens Remus <jremus@...ux.ibm.com>, Linus
Torvalds <torvalds@...ux-foundation.org>, Andrew Morton
<akpm@...ux-foundation.org>, Florian Weimer <fweimer@...hat.com>, Sam James
<sam@...too.org>, Kees Cook <kees@...nel.org>, Carlos O'Donell
<codonell@...hat.com>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov
<bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, "H. Peter Anvin"
<hpa@...or.com>, David Hildenbrand <david@...hat.com>, Lorenzo Stoakes
<lorenzo.stoakes@...cle.com>, Vlastimil Babka <vbabka@...e.cz>, Mike
Rapoport <rppt@...nel.org>, Suren Baghdasaryan <surenb@...gle.com>, Michal
Hocko <mhocko@...e.com>, linux-mm@...ck.org
Subject: Re: [PATCH v10 02/11] unwind_user/sframe: Store sframe section data
in per-mm maple tree
On Thu, 28 Aug 2025 11:27:00 -0400
"Liam R. Howlett" <Liam.Howlett@...cle.com> wrote:
> > Does this make sense?
> >
>
> Perhaps it's the corruption part that I'm missing here. If the sframe
> is corrupt, you are iterating over all elements and checking the start
> address passed in against the section start.
>
> So if the section is corrupted then how can we depend on the
> sec->sframe_start?
>
> And is the maple tree corrupted? I mean, the mappings to sframe_start
> -> sec is still reliable, right?
>
> Looking at the storing code, you store text_start - text_end to sec,
> presumably the text_start cannot be smaller than the sframe_start?
Sorry, that's not what gets corrupted. I should have expanded on it.
The sframe section is two tables that describe how to get the return
address from text locations, much like how ORC works in the kernel. We get
a start and end address of where the sframe exists (that has the two
tables) and a start and end section of the text it represents.
When I said "corrupted", I meant that the sframe tables are totally created
by user space and can not be trusted. While reading the sframe tables, if
there's any anomaly that is found, it is considered "corrupted". So no, the
start and end of where the sframes are and where the text should be
validated at the start (I need to check that we do ;-).
But once we start reading the sframe tables, they could hold garbage, or
have something in there that the kernel doesn't support. As soon as that is
detected, it gets removed so that it isn't looked at again.
-- Steve
Powered by blists - more mailing lists