Not all architectures/ABIs pass the return address (RA) on the stack on function entry, like x86-64 does due to its CALL instruction pushing the RA onto the stack. Architectures/ABIs, such as s390, also do not require the RA to be saved on the stack in the function prologue. In particular, the RA may never be saved to the stack at all, such as in leaf functions. Unwinding must therefore not assume the presence of a RA saved on stack for the topmost frame.
Treat a RA offset from CFA of zero as indication that the RA is not saved (on the stack). For the topmost frame treat it as indication that the RA is in the link/RA register, such as on arm64 and s390, and obtain it from there. For non-topmost frames treat it as error, as the RA must be saved. Additionally allow the SP to be unchanged in the topmost frame, for architectures where SP at function entry == SP at call site, such as arm64 and s390. Note that treating a RA offset from CFA of zero as indication that the RA is not saved on the stack additionally allows for architectures, such as s390, where the frame pointer (FP) may be saved without the RA being saved as well. Provided that such architectures represent this in SFrame by encoding the "missing" RA offset using a padding RA offset with a value of zero. Reviewed-by: Indu Bhagat <[email protected]> Signed-off-by: Jens Remus <[email protected]> --- Notes (jremus): Changes in v15: - Define pr_fmt(). - unwind_user_get_ra_reg(): Use pr_debug_once() instead of WARN_ON_ONCE() to prevent user-triggered warning/panic. (Sashiko AI) - Reworded commit message. (Indu) include/linux/unwind_user.h | 10 ++++++++++ kernel/unwind/sframe.c | 6 ++---- kernel/unwind/user.c | 20 ++++++++++++++++---- 3 files changed, 28 insertions(+), 8 deletions(-) diff --git a/include/linux/unwind_user.h b/include/linux/unwind_user.h index 64618618febd..7bf58f23aa64 100644 --- a/include/linux/unwind_user.h +++ b/include/linux/unwind_user.h @@ -23,6 +23,16 @@ static inline bool unwind_user_at_function_start(struct pt_regs *regs) #define unwind_user_at_function_start unwind_user_at_function_start #endif +#ifndef unwind_user_get_ra_reg +static inline int unwind_user_get_ra_reg(unsigned long *val) +{ + pr_debug_once("%s (%d): unwind_user_get_ra_reg() not implemented\n", + current->comm, current->pid); + return -EINVAL; +} +#define unwind_user_get_ra_reg unwind_user_get_ra_reg +#endif + int unwind_user(struct unwind_stacktrace *trace, unsigned int max_entries); #endif /* _LINUX_UNWIND_USER_H */ diff --git a/kernel/unwind/sframe.c b/kernel/unwind/sframe.c index b5f984fb2df2..4af533e9f980 100644 --- a/kernel/unwind/sframe.c +++ b/kernel/unwind/sframe.c @@ -255,10 +255,8 @@ static __always_inline int __read_fre(struct sframe_section *sec, dataword_count--; ra_off = sec->ra_off; - if (!ra_off) { - if (!dataword_count--) - return -EINVAL; - + if (!ra_off && dataword_count) { + dataword_count--; UNSAFE_GET_USER_INC(ra_off, cur, dataword_size, Efault); } diff --git a/kernel/unwind/user.c b/kernel/unwind/user.c index fdb1001e3750..afa7c6f6d9b4 100644 --- a/kernel/unwind/user.c +++ b/kernel/unwind/user.c @@ -2,6 +2,9 @@ /* * Generic interfaces for unwinding user space */ + +#define pr_fmt(fmt) "unwind_user: " fmt + #include <linux/kernel.h> #include <linux/sched.h> #include <linux/sched/task_stack.h> @@ -48,8 +51,12 @@ static int unwind_user_next_common(struct unwind_user_state *state, } cfa += frame->cfa_off; - /* Make sure that stack is not going in wrong direction */ - if (cfa <= state->sp) + /* + * Make sure that stack is not going in wrong direction. Allow SP + * to be unchanged for the topmost frame, by subtracting topmost, + * which is either 0 or 1. + */ + if (cfa <= state->sp - state->topmost) return -EINVAL; /* Make sure that the address is word aligned */ @@ -57,8 +64,13 @@ static int unwind_user_next_common(struct unwind_user_state *state, return -EINVAL; /* Get the Return Address (RA) */ - if (get_user_word(&ra, cfa, frame->ra_off, state->ws)) - return -EINVAL; + if (frame->ra_off) { + if (get_user_word(&ra, cfa, frame->ra_off, state->ws)) + return -EINVAL; + } else { + if (!state->topmost || unwind_user_get_ra_reg(&ra)) + return -EINVAL; + } /* Get the Frame Pointer (FP) */ if (frame->fp_off && get_user_word(&fp, cfa, frame->fp_off, state->ws)) -- 2.51.0
