On Thu, 25 Jul 2019, Peter Zijlstra wrote:
> On Thu, Jul 25, 2019 at 09:37:15AM -0700, Andy Lutomirski wrote:
> > A data breakpoint near the top of an IST stack will cause unresoverable
unresoverable?
> > recursion. A data breakpoint on the GDT, IDT, or TSS is terrifying.
> > Prevent either of these from happening.
> >
> > Co-developed-by: Peter Zijlstra <pet...@infradead.org>
Co-developed-by want's a Signed-off-by of the co-developer
> > Signed-off-by: Andy Lutomirski <l...@kernel.org>
> > diff --git a/arch/x86/kernel/hw_breakpoint.c
> > b/arch/x86/kernel/hw_breakpoint.c
> > index 218c8917118e..dc4581fe4b4e 100644
> > --- a/arch/x86/kernel/hw_breakpoint.c
> > +++ b/arch/x86/kernel/hw_breakpoint.c
> > @@ -231,6 +231,23 @@ static int arch_build_bp_info(struct perf_event *bp,
> > const struct perf_event_attr *attr,
> > struct arch_hw_breakpoint *hw)
> > {
> > + unsigned long bp_end;
> > +
> > + /* Ensure that bp_end does not oveflow. */
oveflow?
> > + if (attr->bp_len >= ULONG_MAX - attr->bp_addr)
> > + return -EINVAL;
> > +
> > + bp_end = attr->bp_addr + attr->bp_len - 1;
>
> The alternative (and possibly more conventional) overflow test would be:
>
> if (bp_end < attr->bp_addr)
> return -EINVAL;
Yes please.
> > +
> > + /*
> > + * Prevent any breakpoint of any type that overlaps the
> > + * cpu_entry_area. This protects the IST stacks and also
> > + * reduces the chance that we ever find out what happens if
I surely hope that the chance is reduced to 0 ...
I know this is all an annoyance brought to us by hardware and I surely
enjoy the hidden sarcasm but please make this information as technically
accurate as possible. Put the rant into an extra line of the comment :)
> > + * there's a data breakpoint on the GDT, IDT, or TSS.
> > + */
> > + if (within_cpu_entry_area(attr->bp_addr, bp_end))
> > + return -EINVAL;
Thanks,
tglx
