[Xen-devel] [PATCH 1/2] x86/traps: guard top-of-stack reads
Nothing (afaics) guarantees that the original frame's stack pointer
points at readable memory. Avoid a (likely nested) crash by attaching
exception recovery to the read (making it a single read at the same
time). Don't even invoke _show_trace() in case of a non-readable top
slot.
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -484,16 +484,23 @@ static void _show_trace(unsigned long sp
static void show_trace(const struct cpu_user_regs *regs)
{
- unsigned long *sp = ESP_BEFORE_EXCEPTION(regs);
+ unsigned long *sp = ESP_BEFORE_EXCEPTION(regs), tos = 0;
printk("Xen call trace:\n");
+ asm ( "1: mov %2,%0; 2:\n"
+ ".pushsection .fixup,\"ax\"\n"
+ "3: xor %k1,%k1; jmp 2b\n"
+ ".popsection\n"
+ _ASM_EXTABLE(1b, 3b)
+ : "+r" (tos), "+r" (sp) : "m" (*sp) );
+
/*
* If RIP looks sensible, or the top of the stack doesn't, print RIP at
* the top of the stack trace.
*/
if ( is_active_kernel_text(regs->rip) ||
- !is_active_kernel_text(*sp) )
+ !is_active_kernel_text(tos) )
printk(" [<%p>] %pS\n", _p(regs->rip), _p(regs->rip));
/*
* Else RIP looks bad but the top of the stack looks good. Perhaps we
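Review bot: The asm added at the top of show_trace() reuses `sp` as the fault indicator (the fixup's `xor %k1,%k1` zeroes it), and nothing in the code says so, which makes the later `else if ( sp )` and `if ( !sp )` tests hard to follow. A short comment above the asm would cover it, e.g. `/* Fault-tolerant read of the top stack slot; on a fault the fixup clears sp, which is the "unreadable" flag below. */`. The guard covers only this single word; whether the further stack reads inside _show_trace() are protected is not visible in this patch. show_trace() continues past the end of this hunk.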
@@ -501,12 +508,15 @@ static void show_trace(const struct cpu_
* return address; print it and skip past so _show_trace() doesn't print
* it again.
*/
- else
+ else if ( sp )
{
- printk(" [<%p>] %pS\n", _p(*sp), _p(*sp));
+ printk(" [<%p>] %pS\n", _p(tos), _p(tos));
sp++;
}
+ if ( !sp )
+ return;
+
_show_trace((unsigned long)sp, regs->rbp);
printk("\n");
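Review bot: The early `if ( !sp ) return;` ends the trace silently, so the log gives no hint that the walk stopped because the stack top was unreadable, and the trailing `printk("\n")` is skipped on that path as well. For whoever triages the crash log, an unreadable stack pointer is itself a finding and should be distinguishable from an ordinarily short trace. Consider `if ( !sp ) { printk("   [stack top unreadable]\n"); return; }` (the message text is only a suggestion). The end of show_trace() lies outside the hunk.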