x86/umip: Print a warning into the syslog if UMIP-protected instructions are used
Print a rate-limited warning when a user-space program attempts to execute any of the instructions that UMIP protects (i.e., SGDT, SIDT, SLDT, STR and SMSW). This is useful, because when CONFIG_X86_INTEL_UMIP=y is selected and supported by the hardware, user space programs that try to execute such instructions will receive a SIGSEGV signal that they might not expect. In the specific cases for which emulation is provided (instructions SGDT, SIDT and SMSW in protected and virtual-8086 modes), no signal is generated. However, a warning is helpful to encourage updates in such programs to avoid the use of such instructions. Warnings are printed via a customized printk() function that also provides information about the program that attempted to use the affected instructions. Utility macros are defined to wrap umip_printk() for the error and warning kernel log levels. While here, replace an existing call to the generic rate-limited pr_err() with the new umip_pr_err(). Suggested-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com> Reviewed-by: Thomas Gleixner <tglx@linutronix.de> Cc: Andy Lutomirski <luto@kernel.org> Cc: Borislav Petkov <bp@alien8.de> Cc: Borislav Petkov <bp@suse.de> Cc: Brian Gerst <brgerst@gmail.com> Cc: Denys Vlasenko <dvlasenk@redhat.com> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Ravi V. Shankar <ravi.v.shankar@intel.com> Cc: Tony Luck <tony.luck@intel.com> Cc: ricardo.neri@intel.com Link: http://lkml.kernel.org/r/1511233476-17088-1-git-send-email-ricardo.neri-calderon@linux.intel.com Signed-off-by: Ingo Molnar <mingo@kernel.org>
This commit is contained in:
parent
b4c0a7326f
commit
fd11a6496e
|
@ -82,6 +82,57 @@
|
|||
#define UMIP_INST_SLDT 3 /* 0F 00 /0 */
|
||||
#define UMIP_INST_STR 4 /* 0F 00 /1 */
|
||||
|
||||
const char * const umip_insns[5] = {
|
||||
[UMIP_INST_SGDT] = "SGDT",
|
||||
[UMIP_INST_SIDT] = "SIDT",
|
||||
[UMIP_INST_SMSW] = "SMSW",
|
||||
[UMIP_INST_SLDT] = "SLDT",
|
||||
[UMIP_INST_STR] = "STR",
|
||||
};
|
||||
|
||||
#define umip_pr_err(regs, fmt, ...) \
|
||||
umip_printk(regs, KERN_ERR, fmt, ##__VA_ARGS__)
|
||||
#define umip_pr_warning(regs, fmt, ...) \
|
||||
umip_printk(regs, KERN_WARNING, fmt, ##__VA_ARGS__)
|
||||
|
||||
/**
|
||||
* umip_printk() - Print a rate-limited message
|
||||
* @regs: Register set with the context in which the warning is printed
|
||||
* @log_level: Kernel log level to print the message
|
||||
* @fmt: The text string to print
|
||||
*
|
||||
* Print the text contained in @fmt. The print rate is limited to bursts of 5
|
||||
* messages every two minutes. The purpose of this customized version of
|
||||
* printk() is to print messages when user space processes use any of the
|
||||
* UMIP-protected instructions. Thus, the printed text is prepended with the
|
||||
* task name and process ID number of the current task as well as the
|
||||
* instruction and stack pointers in @regs as seen when entering kernel mode.
|
||||
*
|
||||
* Returns:
|
||||
*
|
||||
* None.
|
||||
*/
|
||||
static __printf(3, 4)
|
||||
void umip_printk(const struct pt_regs *regs, const char *log_level,
|
||||
const char *fmt, ...)
|
||||
{
|
||||
/* Bursts of 5 messages every two minutes */
|
||||
static DEFINE_RATELIMIT_STATE(ratelimit, 2 * 60 * HZ, 5);
|
||||
struct task_struct *tsk = current;
|
||||
struct va_format vaf;
|
||||
va_list args;
|
||||
|
||||
if (!__ratelimit(&ratelimit))
|
||||
return;
|
||||
|
||||
va_start(args, fmt);
|
||||
vaf.fmt = fmt;
|
||||
vaf.va = &args;
|
||||
printk("%s" pr_fmt("%s[%d] ip:%lx sp:%lx: %pV"), log_level, tsk->comm,
|
||||
task_pid_nr(tsk), regs->ip, regs->sp, &vaf);
|
||||
va_end(args);
|
||||
}
|
||||
|
||||
/**
|
||||
* identify_insn() - Identify a UMIP-protected instruction
|
||||
* @insn: Instruction structure with opcode and ModRM byte.
|
||||
|
@ -236,10 +287,8 @@ static void force_sig_info_umip_fault(void __user *addr, struct pt_regs *regs)
|
|||
if (!(show_unhandled_signals && unhandled_signal(tsk, SIGSEGV)))
|
||||
return;
|
||||
|
||||
pr_err_ratelimited("%s[%d] umip emulation segfault ip:%lx sp:%lx error:%x in %lx\n",
|
||||
tsk->comm, task_pid_nr(tsk), regs->ip,
|
||||
regs->sp, X86_PF_USER | X86_PF_WRITE,
|
||||
regs->ip);
|
||||
umip_pr_err(regs, "segfault in emulation. error%x\n",
|
||||
X86_PF_USER | X86_PF_WRITE);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -326,10 +375,15 @@ bool fixup_umip_exception(struct pt_regs *regs)
|
|||
if (umip_inst < 0)
|
||||
return false;
|
||||
|
||||
umip_pr_warning(regs, "%s instruction cannot be used by applications.\n",
|
||||
umip_insns[umip_inst]);
|
||||
|
||||
/* Do not emulate SLDT, STR or user long mode processes. */
|
||||
if (umip_inst == UMIP_INST_STR || umip_inst == UMIP_INST_SLDT || user_64bit_mode(regs))
|
||||
return false;
|
||||
|
||||
umip_pr_warning(regs, "For now, expensive software emulation returns the result.\n");
|
||||
|
||||
if (emulate_umip_insn(&insn, umip_inst, dummy_data, &dummy_data_size))
|
||||
return false;
|
||||
|
||||
|
|
Loading…
Reference in New Issue