mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-12-29 17:25:38 +00:00
8eed4e00a3
During memory error injection test on kernels >= v6.4, the kernel panics like below. However, this issue couldn't be reproduced on kernels <= v6.3.

  mce: [Hardware Error]: CPU 296: Machine Check Exception: f Bank 1: bd80000000100134
  mce: [Hardware Error]: RIP 10:<ffffffff821b9776> {__get_user_nocheck_4+0x6/0x20}
  mce: [Hardware Error]: TSC 411a93533ed ADDR 346a8730040 MISC 86
  mce: [Hardware Error]: PROCESSOR 0:a06d0 TIME 1706000767 SOCKET 1 APIC 211 microcode 80001490
  mce: [Hardware Error]: Run the above through 'mcelog --ascii'
  mce: [Hardware Error]: Machine check: Data load in unrecoverable area of kernel
  Kernel panic - not syncing: Fatal local machine check

The MCA code can recover from an in-kernel #MC if the fixup type is EX_TYPE_UACCESS, explicitly indicating that the kernel is attempting to access userspace memory. However, if the fixup type is EX_TYPE_DEFAULT the only thing that is raised for an in-kernel #MC is a panic.

ex_handler_uaccess() would warn if users gave non-canonical addresses (with bit 63 clear) to {get, put}_user(), which was unexpected.

Therefore, commit b19b74bc99 ("x86/mm: Rework address range check in get_user() and put_user()") replaced _ASM_EXTABLE_UA() with _ASM_EXTABLE() for {get, put}_user() fixups. However, the new fixup type EX_TYPE_DEFAULT results in a panic.

Commit 6014bc2756 ("x86-64: make access_ok() independent of LAM") added the check gp_fault_address_ok() right before the WARN_ONCE() in ex_handler_uaccess() to not warn about non-canonical user addresses due to LAM.

With that in place, revert back to _ASM_EXTABLE_UA() for {get,put}_user() exception fixups in order to be able to handle in-kernel MCEs correctly again.

[ bp: Massage commit message. ]

Fixes: b19b74bc99 ("x86/mm: Rework address range check in get_user() and put_user()")
Signed-off-by: Qiuxu Zhuo <qiuxu.zhuo@intel.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: <stable@kernel.org>
Link: https://lore.kernel.org/r/20240129063842.61584-1-qiuxu.zhuo@intel.com
/* SPDX-License-Identifier: GPL-2.0 */
/*
 * __put_user functions.
 *
 * (C) Copyright 2005 Linus Torvalds
 * (C) Copyright 2005 Andi Kleen
 * (C) Copyright 2008 Glauber Costa
 *
 * These functions have a non-standard call interface
 * to make them more efficient, especially as they
 * return an error value in addition to the "real"
 * return value.
 */
#include <linux/export.h>
#include <linux/linkage.h>
#include <asm/thread_info.h>
#include <asm/errno.h>
#include <asm/asm.h>
#include <asm/smap.h>
/*
 * __put_user_X
 *
 * Inputs:	%eax[:%edx] contains the data
 *		%ecx contains the address
 *
 * Outputs:	%ecx is error code (0 or -EFAULT)
 *
 * Clobbers:	%ebx needed for task pointer
 *
 * These functions should not modify any other registers,
 * as they get called from within inline assembly.
 */
/*
 * check_range size=<bytes>
 *
 * Guards the destination address held in %ecx/%rcx before a store of
 * \size bytes.
 *
 * x86-64: branchless. %rbx receives the address shifted arithmetically
 * right by 63, i.e. zero when bit 63 is clear and all ones when it is set.
 * OR-ing that back leaves an address with bit 63 clear unchanged and turns
 * any address with bit 63 set into all ones. No jump is taken here; the
 * all-ones address is expected to fault on the store and be caught through
 * the exception table rather than reach kernel memory (confirm against the
 * fault handling this file relies on).
 * Clobbers %rbx as scratch.
 * NOTE(review): the file's interface comment describes %ebx as "needed for
 * task pointer"; in this macro it is only a scratch register, so that
 * wording looks stale.
 *
 * 32-bit: unsigned compare of %ecx against TASK_SIZE_MAX - \size + 1;
 * an address at or above that limit jumps to .Lbad_put_user, so the last
 * byte of the store cannot lie at or beyond TASK_SIZE_MAX.
 */
.macro check_range size:req
.if IS_ENABLED(CONFIG_X86_64)
	movq	%rcx, %rbx		/* scratch copy of the address */
	sarq	$63, %rbx		/* 0, or all ones if bit 63 is set */
	orq	%rbx, %rcx		/* bit 63 set => address becomes all ones */
.else
	cmpl	$TASK_SIZE_MAX-\size+1, %ecx
	jae	.Lbad_put_user		/* unsigned: address >= limit */
.endif
.endm
.text

/*
 * __put_user_1: store the byte in %al at the user address in %ecx/%rcx.
 *
 * The address goes through check_range first. The store runs between
 * ASM_STAC and ASM_CLAC, the SMAP user-access window from <asm/smap.h>.
 * Label 1 marks the store that may fault; it is registered in the
 * exception table at the end of this file.
 *
 * Out: %ecx = 0 on success (the fault path returns -EFAULT instead).
 */
SYM_FUNC_START(__put_user_1)
	check_range size=1
	ASM_STAC
1:	movb	%al, (%_ASM_CX)		/* may fault: extable entry 1b */
	xorl	%ecx, %ecx		/* success: error code 0 */
	ASM_CLAC
	RET
SYM_FUNC_END(__put_user_1)
EXPORT_SYMBOL(__put_user_1)
/*
 * __put_user_nocheck_1: store the byte in %al at the address in %ecx/%rcx
 * without running check_range.
 *
 * Nothing in this routine validates the address; presumably callers have
 * already range-checked it (verify at the call sites). A faulting store at
 * label 2 is still handled through the exception table.
 *
 * Out: %ecx = 0 on success.
 */
SYM_FUNC_START(__put_user_nocheck_1)
	ASM_STAC
2:	movb	%al, (%_ASM_CX)		/* may fault: extable entry 2b */
	xorl	%ecx, %ecx		/* success: error code 0 */
	ASM_CLAC
	RET
SYM_FUNC_END(__put_user_nocheck_1)
EXPORT_SYMBOL(__put_user_nocheck_1)
/*
 * __put_user_2: store the 16-bit value in %ax at the user address in
 * %ecx/%rcx.
 *
 * check_range is invoked with size=2 so that, on 32-bit, both bytes of the
 * store are covered by the limit comparison. Label 3 is the store that may
 * fault and has an exception-table entry at the end of this file.
 *
 * Out: %ecx = 0 on success.
 */
SYM_FUNC_START(__put_user_2)
	check_range size=2
	ASM_STAC
3:	movw	%ax, (%_ASM_CX)		/* may fault: extable entry 3b */
	xorl	%ecx, %ecx		/* success: error code 0 */
	ASM_CLAC
	RET
SYM_FUNC_END(__put_user_2)
EXPORT_SYMBOL(__put_user_2)
/*
 * __put_user_nocheck_2: store the 16-bit value in %ax at the address in
 * %ecx/%rcx without running check_range.
 *
 * The address is used as given; presumably the caller has validated it
 * beforehand (verify at the call sites). Label 4 is covered by the
 * exception table.
 *
 * Out: %ecx = 0 on success.
 */
SYM_FUNC_START(__put_user_nocheck_2)
	ASM_STAC
4:	movw	%ax, (%_ASM_CX)		/* may fault: extable entry 4b */
	xorl	%ecx, %ecx		/* success: error code 0 */
	ASM_CLAC
	RET
SYM_FUNC_END(__put_user_nocheck_2)
EXPORT_SYMBOL(__put_user_nocheck_2)
/*
 * __put_user_4: store the 32-bit value in %eax at the user address in
 * %ecx/%rcx.
 *
 * The address is filtered by check_range (size=4) before the SMAP window
 * is opened with ASM_STAC. Label 5 is the store that may fault and has an
 * exception-table entry at the end of this file.
 *
 * Out: %ecx = 0 on success.
 */
SYM_FUNC_START(__put_user_4)
	check_range size=4
	ASM_STAC
5:	movl	%eax, (%_ASM_CX)	/* may fault: extable entry 5b */
	xorl	%ecx, %ecx		/* success: error code 0 */
	ASM_CLAC
	RET
SYM_FUNC_END(__put_user_4)
EXPORT_SYMBOL(__put_user_4)
/*
 * __put_user_nocheck_4: store the 32-bit value in %eax at the address in
 * %ecx/%rcx without running check_range.
 *
 * No address validation happens here; presumably it is the caller's
 * responsibility (verify at the call sites). Label 6 is covered by the
 * exception table.
 *
 * Out: %ecx = 0 on success.
 */
SYM_FUNC_START(__put_user_nocheck_4)
	ASM_STAC
6:	movl	%eax, (%_ASM_CX)	/* may fault: extable entry 6b */
	xorl	%ecx, %ecx		/* success: error code 0 */
	ASM_CLAC
	RET
SYM_FUNC_END(__put_user_nocheck_4)
EXPORT_SYMBOL(__put_user_nocheck_4)
/*
 * __put_user_8: store a 64-bit value at the user address in %ecx/%rcx.
 *
 * The first store writes %_ASM_AX, the word-sized accumulator name from
 * <asm/asm.h>. Under CONFIG_X86_32 a second store writes %edx to the
 * following four bytes, so the value is taken from %edx:%eax there.
 * check_range runs with size=8, which makes the 32-bit limit comparison
 * cover both halves. Labels 7 and 8 mark the stores that may fault; both
 * have exception-table entries at the end of this file.
 *
 * Out: %ecx = 0 on success.
 */
SYM_FUNC_START(__put_user_8)
	check_range size=8
	ASM_STAC
7:	mov	%_ASM_AX, (%_ASM_CX)	/* may fault: extable entry 7b */
#ifdef CONFIG_X86_32
8:	movl	%edx, 4(%_ASM_CX)	/* high half; extable entry 8b */
#endif
	xorl	%ecx, %ecx		/* success: error code 0 */
	ASM_CLAC
	RET
SYM_FUNC_END(__put_user_8)
EXPORT_SYMBOL(__put_user_8)
/*
 * __put_user_nocheck_8: store a 64-bit value at the address in %ecx/%rcx
 * without running check_range.
 *
 * Same store sequence as __put_user_8: %_ASM_AX first, plus %edx at
 * offset 4 under CONFIG_X86_32. The address is not validated here;
 * presumably the caller has done so (verify at the call sites).
 * Labels 9 and 10 are covered by the exception table.
 *
 * Out: %ecx = 0 on success.
 */
SYM_FUNC_START(__put_user_nocheck_8)
	ASM_STAC
9:	mov	%_ASM_AX, (%_ASM_CX)	/* may fault: extable entry 9b */
#ifdef CONFIG_X86_32
10:	movl	%edx, 4(%_ASM_CX)	/* high half; extable entry 10b */
#endif
	xorl	%ecx, %ecx		/* success: error code 0 */
	ASM_CLAC
	RET
SYM_FUNC_END(__put_user_nocheck_8)
EXPORT_SYMBOL(__put_user_nocheck_8)
/*
 * __put_user_handle_exception: shared failure path for every store in this
 * file.
 *
 * Two ways in:
 *  - via the exception table, after one of the numbered stores faulted.
 *    Those stores execute after ASM_STAC, so the user-access window is
 *    closed again with ASM_CLAC before returning.
 *  - via .Lbad_put_user, the target of the 32-bit check_range jump. That
 *    jump is taken before ASM_STAC, so this entry skips the ASM_CLAC.
 *
 * Out: %ecx = -EFAULT.
 */
SYM_CODE_START_LOCAL(__put_user_handle_exception)
	ASM_CLAC
.Lbad_put_user:
	movl	$-EFAULT, %ecx
	RET
SYM_CODE_END(__put_user_handle_exception)
/*
 * Exception-table entries: each numbered store above is paired with
 * __put_user_handle_exception as its fixup.
 *
 * The _UA variant is deliberate. Per the commit description, the MCA code
 * can recover from an in-kernel #MC only when the fixup type is
 * EX_TYPE_UACCESS; with plain _ASM_EXTABLE() (EX_TYPE_DEFAULT) the same
 * event ends in a panic. Do not downgrade these to _ASM_EXTABLE().
 *
 * Labels 8 and 10 exist only under CONFIG_X86_32, hence the guard.
 */
	_ASM_EXTABLE_UA(1b, __put_user_handle_exception)
	_ASM_EXTABLE_UA(2b, __put_user_handle_exception)
	_ASM_EXTABLE_UA(3b, __put_user_handle_exception)
	_ASM_EXTABLE_UA(4b, __put_user_handle_exception)
	_ASM_EXTABLE_UA(5b, __put_user_handle_exception)
	_ASM_EXTABLE_UA(6b, __put_user_handle_exception)
	_ASM_EXTABLE_UA(7b, __put_user_handle_exception)
	_ASM_EXTABLE_UA(9b, __put_user_handle_exception)
#ifdef CONFIG_X86_32
	_ASM_EXTABLE_UA(8b, __put_user_handle_exception)
	_ASM_EXTABLE_UA(10b, __put_user_handle_exception)
#endif