git.baikalelectronics.ru Git - kernel.git/commit

author	Jann Horn <jannh@google.com>
	Tue, 28 Aug 2018 20:14:17 +0000 (22:14 +0200)
committer	Thomas Gleixner <tglx@linutronix.de>
	Mon, 3 Sep 2018 13:12:08 +0000 (15:12 +0200)
commit	ca1c4504611b783a370b916487b637816fb4857c
tree	e7fcc4c123d0b8879c18f092b9c833824a4d74c9	tree \| snapshot
parent	ad6a44c6384f85c11b0c5a9a15017206098b7508	commit \| diff

x86/kprobes: Stop calling fixup_exception() from kprobe_fault_handler()

This removes the call into exception fixup that was added in commit
6387ad6bbac0 ("[PATCH] kprobes: fix broken fault handling for x86_64").

On X86, kprobe_fault_handler() is called from two places:
do_general_protection() (for #GP) and kprobes_fault() (for #PF). In both
paths, the fixup_exception() call in the kprobe fault handler is redundant.

In case of #GP, fixup_exception() is called immediately before
kprobe_fault_handler() is invoked, so no need to try that again. This
assumes that the kprobe's fault handler isn't going to do something crazy
like changing RIP so that it suddenly points to an instruction that does
userspace access.

For #PF on a kernel address from kernel space, after the kprobe fault
handler has run, no_context() is invoked, which calls fixup_exception().

Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Kees Cook <keescook@chromium.org>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: kernel-hardening@lists.openwall.com
Cc: linux-kernel@vger.kernel.org
Cc: dvyukov@google.com
Cc: "Naveen N. Rao" <naveen.n.rao@linux.vnet.ibm.com>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Cc: Borislav Petkov <bp@alien8.de>
Link: https://lkml.kernel.org/r/20180828201421.157735-4-jannh@google.com