From patchwork Mon Aug 27 18:56:27 2018
X-Patchwork-Submitter: Jann Horn
X-Patchwork-Id: 10577589
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Date: Mon, 27 Aug 2018 20:56:27 +0200
In-Reply-To: <20180827185631.163506-1-jannh@google.com>
Message-Id: <20180827185631.163506-4-jannh@google.com>
References: <20180827185631.163506-1-jannh@google.com>
Subject: [PATCH v2 3/7] x86: stop calling fixup_exception() from kprobe_fault_handler()
From: Jann Horn
To: Kees Cook, Thomas Gleixner, Ingo Molnar, x86@kernel.org, Andy Lutomirski, kernel-hardening@lists.openwall.com, Tony Luck, Borislav Petkov, jannh@google.com
Cc: linux-kernel@vger.kernel.org, dvyukov@google.com, linux-edac@vger.kernel.org

This removes the call into exception fixup that was added in commit c28f896634f2 ("[PATCH] kprobes: fix broken fault handling for x86_64").

On X86, kprobe_fault_handler() is called from two places: do_general_protection() (for #GP) and kprobes_fault() (for #PF). In both paths, the fixup_exception() call in the kprobe fault handler is redundant.

For #GP, fixup_exception() is called immediately before kprobe_fault_handler() is invoked - if someone wanted to fix up our #GP, they've already done so, no need to try again. (This assumes that the kprobe's fault handler isn't going to do something crazy like changing RIP so that it suddenly points to an instruction that does userspace access.)

For #PF on a kernel address from kernel space, after the kprobe fault handler has run, we'll go into no_context(), which calls fixup_exception().

Signed-off-by: Jann Horn
Acked-by: Masami Hiramatsu
---
 arch/x86/kernel/kprobes/core.c | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c index 467ac22691b0..7315ac202aad 100644 --- a/arch/x86/kernel/kprobes/core.c +++ b/arch/x86/kernel/kprobes/core.c @@ -1021,13 +1021,6 @@ int kprobe_fault_handler(struct pt_regs *regs, int trapnr) if (cur->fault_handler && cur->fault_handler(cur, regs, trapnr)) return 1; - /* - * In case the user-specified fault handler returned - * zero, try to fix up. - */ - if (fixup_exception(regs, trapnr)) - return 1; - /* fixup routine could not handle it. */ }
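Review bot: the trailing context comment `/* fixup routine could not handle it. */` is kept by this hunk but now refers to a fixup_exception() call that no longer exists in kprobe_fault_handler(); it should be reworded to say that fixup is left to the caller (do_general_protection() has already tried fixup_exception() before calling in, and the #PF path reaches no_context(), which calls it), so a reader of the remaining code does not look for a fixup attempt that was removed. The assumption stated in the commit message, that a kprobe fault_handler does not move RIP onto an instruction with its own fixup entry, is the one condition under which the removed call was not redundant, and is worth recording as a short comment next to the `cur->fault_handler` call rather than only in the changelog.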