Find attached the patch adding memory checks (comparison of the requested address against TASK_SIZE) to kgdb_mem2hex, kgdb_ebin2mem and kgdb_hex2mem. This prohibits KGDB from accessing user-level memory.
On Thu, 2006-08-17 at 18:22 +0530, Amit S. Kale wrote:
> On Thursday 17 August 2006 04:19, Piet Delaney wrote:
> > On Wed, 2006-08-16 at 11:41 +0530, Amit S. Kale wrote:
> > > Hi Kevin,
> > >
> > > Thanks for reporting this problem. Looking more into KGDB patches, this
> > > seems to be present on all platforms.
> > >
> > > KGDB shouldn't access user level memory at all. There is a comparison of
> > > requested address against TASK_SIZE in kernel/kgdb.c functions to take
> > > care of this. kgdb_set_mem and kgdb_get_mem functions in present
> > > kernel/kgdb.c contain this check but kgdb_mem2hex, kgdb_ebin2mem,
> > > kgdb_hex2mem don't. We need to add this check to these three functions
> > > also.
> >
> > I recall having a problem with the 2.6.12/2.6.13 kgdb patch when using
> > gdb in user space and using a watchpoint. I believe this uses Intel
> > debug hardware and I think it somehow got involved with kgdb. If I see it
> > again I'll let ya know.
>
> It would have been because of the same problem. Needs to be fixed asap.
> -Amit
>
> >
> > -piet
> >
> > > -Amit
> > >
> > > On Thursday 10 August 2006 04:00, Kevin Hilman wrote:
> > > > There's a problem in handling kgdb-triggered memory faults on ARM when
> > > > the process in question has a user context.
> > > >
> > > > To reproduce, set a breakpoint at a system call (sys_sync for example),
> > > > once the breakpoint is hit, do an 'info threads'. In the process of
> > > > doing this, kgdb_mem2hex may trigger a memory fault, but since this
> > > > process has a user context, it doesn't take the path with the kgdb
> > > > setjmp/longjmp fixups. Even worse, it eventually ends up in do_no_page
> > > > which can sleep, and since kgdb has disabled interrupts, a 'scheduling
> > > > while atomic' BUG appears.
> > > >
> > > > It seems to work OK with no preemption, but this bug arises under
> > > > CONFIG_PREEMPT.
> > > >
> > > > Patch below has been verified on a MontaVista 2.6.10 kernel (ARMv5, and
> > > > v6) but should be the same on newer kernels.
> > > >
> > > > Kevin
> > > >
> > > > Index: linux-2.6.10/arch/arm/mm/fault.c
> > > > ===================================================================
> > > > --- linux-2.6.10.orig/arch/arm/mm/fault.c
> > > > +++ linux-2.6.10/arch/arm/mm/fault.c
> > > > @@ -217,6 +217,10 @@ out:
> > > > return fault;
> > > > }
> > > >
> > > > +#ifdef CONFIG_KGDB
> > > > +extern int kgdb_may_fault;
> > > > +#endif
> > > > +
> > > > static int
> > > > do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs
> > > > *regs) {
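Review bot: the `extern int kgdb_may_fault;` declaration is placed directly in arch/arm/mm/fault.c under `#ifdef CONFIG_KGDB`; declaring it once in the kgdb header that fault.c can include would keep the declaration next to its definition and avoid a second copy in every architecture's fault handler that needs the same fix.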
> > > > @@ -227,6 +231,11 @@ do_page_fault(unsigned long addr, unsign
> > > > tsk = current;
> > > > mm = tsk->mm;
> > > >
> > > > +#ifdef CONFIG_KGDB
> > > > + if (kgdb_may_fault)
> > > > + goto no_context;
> > > > +#endif
> > > > +
> > > > /*
> > > > * If we're in an interrupt or have no user
> > > > * context, we must not take the fault..
> > > >
> > > > -------------------------------------------------------------------------
> > > > Using Tomcat but need to do more? Need to support web services, security?
> > > > Get stuff done quickly with pre-integrated technology to make your job easier
> > > > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> > > > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> > > > _______________________________________________
> > > > Kgdb-bugreport mailing list
> > > > [email protected]
> > > > https://lists.sourceforge.net/lists/listinfo/kgdb-bugreport
> > >
>
--
-Milind
"There is no place like 127.0.0.1"
Signed off: Milind Dumbare <[EMAIL PROTECTED]>
kgdb.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
Index: linux-2.6.17-memchecks/kernel/kgdb.c
===================================================================
--- linux-2.6.17-memchecks.orig/kernel/kgdb.c
+++ linux-2.6.17-memchecks/kernel/kgdb.c
@@ -447,6 +447,11 @@ char *kgdb_mem2hex(char *mem, char *buf,
kgdb_may_fault = 0;
return ERR_PTR(-EINVAL);
}
+ if ((unsigned long)mem < TASK_SIZE) {
+ kgdb_may_fault = 0;
+ return ERR_PTR(-EINVAL);
+ }
+
/* Accessing some registers in a single load instruction is
* required to avoid bad side effects for some I/O registers.
*/
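Review bot: the five-line block `if ((unsigned long)mem < TASK_SIZE) { kgdb_may_fault = 0; return ERR_PTR(-EINVAL); }` is pasted verbatim into kgdb_mem2hex, kgdb_ebin2mem and kgdb_hex2mem; a small static helper taking `mem` and `count` would remove the duplication and could also verify that the end of the range, `mem + count`, stays in kernel space and does not wrap, which the start-address-only test does not.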
@@ -550,6 +555,11 @@ static char *kgdb_ebin2mem(char *buf, ch
kgdb_may_fault = 0;
return ERR_PTR(-EINVAL);
}
+ if ((unsigned long)mem < TASK_SIZE) {
+ kgdb_may_fault = 0;
+ return ERR_PTR(-EINVAL);
+ }
+
for (; count > 0; count--, buf++) {
if (*buf == 0x7d)
*mem++ = *(++buf) ^ 0x20;
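Review bot: the check runs after kgdb_may_fault has already been set, which is why it has to clear the flag before returning; placing the TASK_SIZE test at the top of kgdb_ebin2mem, before the flag is raised and before the fault fixup is armed, would make the `kgdb_may_fault = 0;` line unnecessary and keep the rejection path free of fault-handling state.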
@@ -572,6 +582,11 @@ char *kgdb_hex2mem(char *buf, char *mem,
kgdb_may_fault = 0;
return ERR_PTR(-EINVAL);
}
+ if ((unsigned long)mem < TASK_SIZE) {
+ kgdb_may_fault = 0;
+ return ERR_PTR(-EINVAL);
+ }
+
if ((count == 2) && (((long)mem & 1) == 0)) {
unsigned short tmp_s = 0;
#ifdef __BIG_ENDIAN
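Review bot: the new test in kgdb_hex2mem refuses user addresses with the same `ERR_PTR(-EINVAL)` that a faulting access returns, so from gdb's side a deliberately refused user-space access is indistinguishable from a kernel fault; a comment above the block saying that addresses below TASK_SIZE are intentionally rejected (the ARM scheduling-while-atomic report earlier in this thread is the reason) would help the next reader.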
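As an added example (not part of the posted patch or of the kgdb tree), the following user-space model shows the TASK_SIZE check extended to the whole `[mem, mem + count)` range with wrap-around rejected, applied to a model of the `0x7d` escape decoding that kgdb_ebin2mem performs on a GDB 'X' packet payload. `MODEL_TASK_SIZE`, `FAKE_KMEM_BASE`, `fake_kmem` and both function names are constructed for this model.

```c
#include <stdbool.h>
#include <stddef.h>

/* Constructed values for this user-space model: a 3G/1G split as on 32-bit
 * ARM or x86, and a small array standing in for kernel memory. */
#define MODEL_TASK_SIZE 0xC0000000UL
#define FAKE_KMEM_BASE  0xC0001000UL
#define FAKE_KMEM_SIZE  64

static unsigned char fake_kmem[FAKE_KMEM_SIZE];

/* True only if every byte of [addr, addr + count) lies at or above
 * MODEL_TASK_SIZE and the range does not wrap past the top of the
 * address space; the posted patch checks the start address only. */
bool kgdb_range_is_kernel(unsigned long addr, size_t count)
{
    if (count == 0 || addr < MODEL_TASK_SIZE)
        return false;
    return (unsigned long)(count - 1) <= (unsigned long)-1 - addr;
}

/* Model of kgdb_ebin2mem: decode a GDB 'X' packet payload into memory.
 * 0x7d escapes the next byte, which is stored XOR 0x20. Returns the
 * number of bytes written, or -1 if the destination is refused. */
int model_ebin2mem(const char *buf, size_t buflen, unsigned long mem,
                   size_t count)
{
    if (!kgdb_range_is_kernel(mem, count))
        return -1;                      /* user-space or wrapping range */
    if (mem < FAKE_KMEM_BASE || count > FAKE_KMEM_SIZE ||
        mem - FAKE_KMEM_BASE > FAKE_KMEM_SIZE - count)
        return -1;                      /* outside this model's backing array */

    unsigned char *dst = fake_kmem + (mem - FAKE_KMEM_BASE);
    size_t in = 0, out = 0;
    while (out < count && in < buflen) {
        unsigned char c = (unsigned char)buf[in++];
        if (c == 0x7d) {
            if (in >= buflen)
                return -1;              /* truncated escape sequence */
            c = (unsigned char)buf[in++] ^ 0x20;
        }
        dst[out++] = c;
    }
    return (int)out;
}
```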