UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/arch/powerpc/kernel
History
Li Huafei 97f88a3d72 powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() 
I found a null pointer reference in arch_prepare_kprobe():

  # echo 'p cmdline_proc_show' > kprobe_events
  # echo 'p cmdline_proc_show+16' >> kprobe_events
  Kernel attempted to read user page (0) - exploit attempt? (uid: 0)
  BUG: Kernel NULL pointer dereference on read at 0x00000000
  Faulting instruction address: 0xc000000000050bfc
  Oops: Kernel access of bad area, sig: 11 [#1]
  LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA PowerNV
  Modules linked in:
  CPU: 0 PID: 122 Comm: sh Not tainted 6.0.0-rc3-00007-gdcf8e5633e2e #10
  NIP:  c000000000050bfc LR: c000000000050bec CTR: 0000000000005bdc
  REGS: c0000000348475b0 TRAP: 0300   Not tainted  (6.0.0-rc3-00007-gdcf8e5633e2e)
  MSR:  9000000000009033 <SF,HV,EE,ME,IR,DR,RI,LE>  CR: 88002444  XER: 20040006
  CFAR: c00000000022d100 DAR: 0000000000000000 DSISR: 40000000 IRQMASK: 0
  ...
  NIP arch_prepare_kprobe+0x10c/0x2d0
  LR  arch_prepare_kprobe+0xfc/0x2d0
  Call Trace:
    0xc0000000012f77a0 (unreliable)
    register_kprobe+0x3c0/0x7a0
    __register_trace_kprobe+0x140/0x1a0
    __trace_kprobe_create+0x794/0x1040
    trace_probe_create+0xc4/0xe0
    create_or_delete_trace_kprobe+0x2c/0x80
    trace_parse_run_command+0xf0/0x210
    probes_write+0x20/0x40
    vfs_write+0xfc/0x450
    ksys_write+0x84/0x140
    system_call_exception+0x17c/0x3a0
    system_call_vectored_common+0xe8/0x278
  --- interrupt: 3000 at 0x7fffa5682de0
  NIP:  00007fffa5682de0 LR: 0000000000000000 CTR: 0000000000000000
  REGS: c000000034847e80 TRAP: 3000   Not tainted  (6.0.0-rc3-00007-gdcf8e5633e2e)
  MSR:  900000000280f033 <SF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI,LE>  CR: 44002408  XER: 00000000

The address being probed has some special:

  cmdline_proc_show: Probe based on ftrace
  cmdline_proc_show+16: Probe for the next instruction at the ftrace location

The ftrace-based kprobe does not generate kprobe::ainsn::insn, it gets
set to NULL. In arch_prepare_kprobe() it will check for:

  ...
  prev = get_kprobe(p->addr - 1);
  preempt_enable_no_resched();
  if (prev && ppc_inst_prefixed(ppc_inst_read(prev->ainsn.insn))) {
  ...

If prev is based on ftrace, 'ppc_inst_read(prev->ainsn.insn)' will occur
with a null pointer reference. At this point prev->addr will not be a
prefixed instruction, so the check can be skipped.

Check if prev is ftrace-based kprobe before reading 'prev->ainsn.insn'
to fix this problem.

Fixes: b4657f7650 ("powerpc/kprobes: Don't allow breakpoints on suffixes")
Signed-off-by: Li Huafei <lihuafei1@huawei.com>
[mpe: Trim oops]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20220923093253.177298-1-lihuafei1@huawei.com
 		2022-09-28 22:19:52 +10:00
..
ptrace powerpc: Fix all occurences of duplicate words 2022-07-25 12:05:15 +10:00
syscalls powerpc: Adopt SYSCALL_DEFINE for arch-specific syscall handlers 2022-09-28 19:22:08 +10:00
trace powerpc/64: provide a helper macro to load r2 with the kernel TOC 2022-09-28 19:22:12 +10:00
vdso powerpc/vdso: link with -z noexecstack 2022-09-05 17:28:25 +10:00
.gitignore
85xx_entry_mapping.S powerpc: Remove CONFIG_FSL_BOOKE 2022-09-26 22:47:37 +10:00
Makefile powerpc: Cleanup idle for e500 2022-09-26 23:00:14 +10:00
align.c powerpc/inst: Define ppc_inst_t 2021-12-09 22:41:21 +11:00
asm-offsets.c powerpc: Remove CONFIG_PPC_FSL_BOOK3E 2022-09-26 23:00:13 +10:00
audit.c Revert "powerpc/audit: Convert powerpc to AUDIT_ARCH_COMPAT_GENERIC" 2021-10-27 22:30:32 +11:00
btext.c powerpc: Fix all occurences of duplicate words 2022-07-25 12:05:15 +10:00
cacheinfo.c powerpc: Remove asm/prom.h from all files that don't need it 2022-05-08 22:15:04 +10:00
cacheinfo.h
compat_audit.c Revert "powerpc/audit: Convert powerpc to AUDIT_ARCH_COMPAT_GENERIC" 2021-10-27 22:30:32 +11:00
cpu_setup_6xx.S
cpu_setup_44x.S
cpu_setup_e500.S powerpc: Remove CONFIG_PPC_BOOK3E_MMU 2022-09-26 23:00:14 +10:00
cpu_setup_pa6t.S
cpu_setup_power.c powerpc/cputable: Move __cpu_setup() prototypes out of cputable.h 2022-09-26 22:26:49 +10:00
cpu_setup_ppc970.S
cpu_specs.h powerpc/cputable: Split cpu_specs[] for mpc85xx and e500mc 2022-09-26 23:00:05 +10:00
cpu_specs_8xx.h powerpc/cputable: Split cpu_specs[] out of cputable.h 2022-09-26 22:47:13 +10:00
cpu_specs_40x.h powerpc/cputable: Split cpu_specs[] out of cputable.h 2022-09-26 22:47:13 +10:00
cpu_specs_44x.h powerpc/cputable: Split cpu_specs[] out of cputable.h 2022-09-26 22:47:13 +10:00
cpu_specs_47x.h powerpc/cputable: Split cpu_specs[] out of cputable.h 2022-09-26 22:47:13 +10:00
cpu_specs_85xx.h powerpc/cputable: Split cpu_specs[] for mpc85xx and e500mc 2022-09-26 23:00:05 +10:00
cpu_specs_book3s_32.h powerpc/cputable: Split cpu_specs[] out of cputable.h 2022-09-26 22:47:13 +10:00
cpu_specs_book3s_64.h powerpc/cputable: Split cpu_specs[] out of cputable.h 2022-09-26 22:47:13 +10:00
cpu_specs_e500mc.h powerpc/cputable: Split cpu_specs[] for mpc85xx and e500mc 2022-09-26 23:00:05 +10:00
cputable.c powerpc/cputable: Split cpu_specs[] out of cputable.h 2022-09-26 22:47:13 +10:00
crash_dump.c powerpc updates for 5.19 2022-05-28 11:27:17 -07:00
dawr.c powerpc: Include asm/firmware.h in all users of firmware_has_feature() 2022-06-29 16:45:05 +10:00
dbell.c powerpc/64s/interrupt: Don't enable MSR[EE] in irq handlers unless perf is in use 2021-12-16 21:31:45 +11:00
dma-iommu.c powerpc/iommu: Report the correct most efficient DMA mask for PCI devices 2021-09-30 17:10:17 +10:00
dma-mask.c
dma-swiotlb.c swiotlb: add a SWIOTLB_ANY flag to lift the low memory restriction 2022-04-18 07:21:12 +02:00
dt_cpu_ftrs.c powerpc: move from strlcpy with unused retval to strscpy 2022-08-26 11:02:20 +10:00
early_32.c powerpc: Move C prototypes out of asm-prototypes.h 2022-03-08 22:06:25 +11:00
eeh.c powerpc: fix typos in comments 2022-05-05 22:12:44 +10:00
eeh_cache.c powerpc/kernel: Add __init attribute to eligible functions 2021-12-23 22:33:10 +11:00
eeh_driver.c powerpc: Fix all occurences of duplicate words 2022-07-25 12:05:15 +10:00
eeh_event.c powerpc: fix typos in comments 2022-05-05 22:12:44 +10:00
eeh_pe.c powerpc: Fix all occurences of "the the" 2022-05-22 15:59:43 +10:00
eeh_sysfs.c powerpc: Add missing headers 2022-05-08 22:15:40 +10:00
entry_32.S powerpc/64: use 32-bit immediate for STACK_FRAME_REGS_MARKER 2022-09-28 19:22:12 +10:00
entry_64.S powerpc: Remove CONFIG_PPC_BOOK3E 2022-09-26 23:00:13 +10:00
epapr_hcalls.S
epapr_paravirt.c powerpc/inst: Define ppc_inst_t 2021-12-09 22:41:21 +11:00
exceptions-64e.S powerpc/64e: provide an addressing macro for use with TOC in alternate register 2022-09-28 19:22:12 +10:00
exceptions-64s.S powerpc/64s/interrupt: halt early boot interrupts if paca is not set up 2022-09-28 19:22:13 +10:00
fadump.c powerpc updates for 5.19 2022-05-28 11:27:17 -07:00
firmware.c powerpc: fix unbalanced node refcount in check_kvm_guest() 2021-10-09 00:15:59 +11:00
fpu.S powerpc/64s/interrupt: handle MSR EE and RI in interrupt entry wrapper 2021-12-16 21:31:45 +11:00
head_8xx.S powerpc/32: Remove _ENTRY() macro 2022-02-07 21:03:10 +11:00
head_32.h powerpc updates for 5.17 2022-01-14 15:17:26 +01:00
head_40x.S powerpc/32: Remove _ENTRY() macro 2022-02-07 21:03:10 +11:00
head_44x.S powerpc/32: Remove _ENTRY() macro 2022-02-07 21:03:10 +11:00
head_64.S powerpc/64s/interrupt: halt early boot interrupts if paca is not set up 2022-09-28 19:22:13 +10:00
head_85xx.S powerpc: Change CONFIG_E500 to CONFIG_PPC_E500 2022-09-26 23:00:13 +10:00
head_book3s_32.S powerpc/32: Set an IBAT covering up to _einittext during init 2022-07-27 21:36:05 +10:00
head_booke.h powerpc: Remove CONFIG_PPC_BOOK3E_MMU 2022-09-26 23:00:14 +10:00
hw_breakpoint.c powerpc/inst: Define ppc_inst_t 2021-12-09 22:41:21 +11:00
hw_breakpoint_constraints.c powerpc/inst: Define ppc_inst_t 2021-12-09 22:41:21 +11:00
idle.c powerpc/idle: Fix return value of __setup() handler 2022-05-04 19:37:46 +10:00
idle_6xx.S powerpc/mm: Switch obsolete dssall to .long 2021-12-23 22:35:13 +11:00
idle_64e.S powerpc: add ISA v3.0 / v3.1 wait opcode macro 2022-09-28 19:22:10 +10:00
idle_85xx.S powerpc: Cleanup idle for e500 2022-09-26 23:00:14 +10:00
idle_book3s.S powerpc/idle: Don't corrupt back chain when going idle 2021-10-20 21:37:58 +11:00
ima_arch.c
interrupt.c powerpc/64/interrupt: Fix return to masked context after hard-mask irq becomes pending 2022-09-28 19:22:11 +10:00
interrupt_64.S powerpc/64: provide a helper macro to load r2 with the kernel TOC 2022-09-28 19:22:12 +10:00
io-workarounds.c
io.c
iomap.c
iommu.c powerpc/iommu: Fix iommu_table_in_use for a small default DMA window case 2022-07-28 16:22:13 +10:00
irq.c powerpc updates for 6.0 2022-08-06 16:38:17 -07:00
irq_64.c powerpc/64/irq: tidy soft-masked irq replay and improve documentation 2022-09-28 19:22:11 +10:00
isa-bridge.c powerpc: Add missing headers 2022-05-08 22:15:40 +10:00
jump_label.c
kdebugfs.c powerpc: rename powerpc_debugfs_root to arch_debugfs_dir 2021-08-13 22:04:26 +10:00
kgdb.c powerpc: Remove CONFIG_FSL_BOOKE 2022-09-26 22:47:37 +10:00
kprobes-ftrace.c ftrace: disable preemption when recursion locked 2021-10-27 11:21:49 -04:00
kprobes.c powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() 2022-09-28 22:19:52 +10:00
kvm.c powerpc: Remove CONFIG_PPC_BOOK3E_MMU 2022-09-26 23:00:14 +10:00
kvm_emul.S
l2cr_6xx.S powerpc/mm: Switch obsolete dssall to .long 2021-12-23 22:35:13 +11:00
legacy_serial.c powerpc/kernel: Add missing of_node_put() in legacy_serial.c 2022-09-05 17:28:26 +10:00
mce.c powerpc/mce: use early_cpu_to_node() in mce_init() 2022-07-27 21:36:04 +10:00
mce_power.c powerpc/inst: Define ppc_inst_t 2021-12-09 22:41:21 +11:00
misc.S powerpc: Avoid link stack corruption in misc asm functions 2021-08-25 13:35:47 +10:00
misc_32.S powerpc: Avoid link stack corruption in misc asm functions 2021-08-25 13:35:47 +10:00
misc_64.S powerpc: Remove CONFIG_PPC_BOOK3E 2022-09-26 23:00:13 +10:00
module.c powerpc: Replace PPC64_ELF_ABI_v{1/2} by CONFIG_PPC64_ELF_ABI_V{1/2} 2022-05-19 23:11:29 +10:00
module_32.c powerpc/modules: Use PPC_LI macros instead of opencoding 2022-05-22 15:58:27 +10:00
module_64.c powerpc/modules: Use PPC_LI macros instead of opencoding 2022-05-22 15:58:27 +10:00
msi.c
note.S
nvram_64.c powerpc: Add missing headers 2022-05-08 22:15:40 +10:00
of_platform.c
optprobes.c powerpc/inst: Define ppc_inst_t as u32 on PPC32 2021-12-09 22:41:21 +11:00
optprobes_head.S powerpc/64: provide a helper macro to load r2 with the kernel TOC 2022-09-28 19:22:12 +10:00
paca.c powerpc: Remove CONFIG_PPC_BOOK3E 2022-09-26 23:00:13 +10:00
pci-common.c powerpc/pci-common: Fix refcount bug for 'phb->dn' 2022-09-05 17:30:29 +10:00
pci-hotplug.c powerpc: Add missing headers 2022-05-08 22:15:40 +10:00
pci_32.c powerpc/pci: Enable PCI domains in /proc when PCI bus numbers are not unique 2022-08-25 17:47:08 +10:00
pci_64.c powerpc/pci: Hide pci_device_from_OF_node() for non-powermac code 2022-07-27 21:36:03 +10:00
pci_dn.c powerpc/pci_dn: Add missing of_node_put() 2022-09-05 17:30:25 +10:00
pci_of_scan.c powerpc: Add missing headers 2022-05-08 22:15:40 +10:00
pmc.c
ppc_save_regs.S
proc_powerpc.c powerpc: Add missing headers 2022-05-08 22:15:40 +10:00
process.c powerpc: Enable execve syscall exit tracepoint 2022-06-18 10:19:10 +10:00
prom.c powerpc/64: Init jump labels before parse_early_param() 2022-08-01 22:21:19 +10:00
prom_init.c powerpc/prom_init: drop PROM_BUG() 2022-09-26 20:58:18 +10:00
prom_init_check.sh powerpc/64: Remove unused prom_init_toc symbols 2022-09-26 20:58:16 +10:00
prom_parse.c
reloc_32.S powerpc: Avoid link stack corruption in misc asm functions 2021-08-25 13:35:47 +10:00
reloc_64.S powerpc/64: avoid using r13 in relocate 2022-09-28 19:22:13 +10:00
rtas-proc.c powerpc: Add missing headers 2022-05-08 22:15:40 +10:00
rtas-rtc.c powerpc: Remove asm/prom.h from all files that don't need it 2022-05-08 22:15:04 +10:00
rtas.c powerpc/rtas: block error injection when locked down 2022-09-28 19:22:14 +10:00
rtas_entry.S powerpc/rtas: Fix RTAS MSR[HV] handling for Cell 2022-08-26 08:41:54 +10:00
rtas_flash.c powerpc: fix typos in comments 2022-05-05 22:12:44 +10:00
rtas_pci.c powerpc: Add missing headers 2022-05-08 22:15:40 +10:00
rtasd.c powerpc: Remove asm/prom.h from all files that don't need it 2022-05-08 22:15:04 +10:00
secure_boot.c
security.c powerpc: Remove CONFIG_PPC_FSL_BOOK3E 2022-09-26 23:00:13 +10:00
secvar-ops.c
secvar-sysfs.c powerpc/secvar: fix refcount leak in format_show() 2022-03-08 22:07:41 +11:00
setup-common.c Bitmap patches for v6.0-rc1 2022-08-07 17:52:35 -07:00
setup.h powerpc: Remove CONFIG_PPC_BOOK3E 2022-09-26 23:00:13 +10:00
setup_32.c powerpc: Change CONFIG_E500 to CONFIG_PPC_E500 2022-09-26 23:00:13 +10:00
setup_64.c powerpc/64s/interrupt: halt early boot interrupts if paca is not set up 2022-09-28 19:22:13 +10:00
signal.c powerpc/signal: Report minimum signal frame size to userspace via AT_MINSIGSTKSZ 2022-05-19 23:11:26 +10:00
signal.h powerpc/signal32: Fix sigset_t copy 2021-11-16 21:24:16 +11:00
signal_32.c powerpc: Include all arch-specific syscall prototypes 2022-09-28 19:22:08 +10:00
signal_64.c powerpc/signal: Update comment for clarity 2022-07-28 16:22:14 +10:00
smp-tbsync.c
smp.c powerpc/smp: poll cpu_callin_map more aggressively in __cpu_up() 2022-09-28 19:22:14 +10:00
stacktrace.c kprobes: treewide: Make it harder to refer kretprobe_trampoline directly 2021-09-30 21:24:06 -04:00
static_call.c powerpc/32: Add support for out-of-line static calls 2021-10-22 15:22:05 +11:00
suspend.c
swsusp.c
swsusp_32.S powerpc/mm: Switch obsolete dssall to .long 2021-12-23 22:35:13 +11:00
swsusp_64.c powerpc/machdep: Remove stale functions from ppc_md structure 2021-10-22 15:22:05 +11:00
swsusp_85xx.S powerpc: Remove CONFIG_FSL_BOOKE 2022-09-26 22:47:37 +10:00
swsusp_asm64.S powerpc/64: asm use consistent global variable declaration and access 2022-09-28 19:22:12 +10:00
sys_ppc32.c powerpc: Adopt SYSCALL_DEFINE for arch-specific syscall handlers 2022-09-28 19:22:08 +10:00
syscall.c powerpc: Provide syscall wrapper 2022-09-28 19:22:09 +10:00
syscalls.c powerpc: Adopt SYSCALL_DEFINE for arch-specific syscall handlers 2022-09-28 19:22:08 +10:00
sysfs.c powerpc: Remove CONFIG_PPC_FSL_BOOK3E 2022-09-26 23:00:13 +10:00
systbl.c powerpc: Provide syscall wrapper 2022-09-28 19:22:09 +10:00
systbl_chk.sh
tau_6xx.c powerpc: Move C prototypes out of asm-prototypes.h 2022-03-08 22:06:25 +11:00
time.c powerpc/time: avoid programming DEC at the start of the timer interrupt 2022-09-28 19:22:09 +10:00
tm.S powerpc/tm: Fix more userspace r13 corruption 2022-03-16 11:59:24 +11:00
traps.c powerpc/64s: early boot machine check handler 2022-09-28 19:22:13 +10:00
ucall.S
udbg.c powerpc: Add support for early debugging via Serial 16550 console 2022-09-28 19:22:09 +10:00
udbg_16550.c powerpc: Add support for early debugging via Serial 16550 console 2022-09-28 19:22:09 +10:00
uprobes.c powerpc: Reject probes on instructions that can't be single stepped 2022-05-06 00:00:20 +10:00
vdso.c powerpc: Provide syscall wrapper 2022-09-28 19:22:09 +10:00
vdso32_wrapper.S powerpc/vdso: Merge vdso64 and vdso32 into a single directory 2022-02-12 22:47:43 +11:00
vdso64_wrapper.S powerpc/vdso: Merge vdso64 and vdso32 into a single directory 2022-02-12 22:47:43 +11:00
vecemu.c powerpc/inst: Define ppc_inst_t 2021-12-09 22:41:21 +11:00
vector.S powerpc/64: asm use consistent global variable declaration and access 2022-09-28 19:22:12 +10:00
vmlinux.lds.S powerpc: Remove CONFIG_PPC_FSL_BOOK3E 2022-09-26 23:00:13 +10:00
watchdog.c powerpc/watchdog: introduce a NMI watchdog's factor 2022-07-27 21:36:02 +10:00