On Tue, Dec 29, 2020 at 01:30:33PM -0800, Yu-cheng Yu wrote:
> @@ -606,6 +606,65 @@ DEFINE_IDTENTRY_ERRORCODE(exc_general_protection)
> cond_local_irq_disable(regs);
> }
>
> +#ifdef CONFIG_X86_CET_USER
> +static const char * const control_protection_err[] = {
> + "unknown",
> + "near-ret",
> + "far-ret/iret",
> + "endbranch",
> + "rstorssp",
> + "setssbsy",
> +};
> +
> +/*
> + * When a control protection exception occurs, send a signal to the
> responsible
> + * application. Currently, control protection is only enabled for the user
> + * mode. This exception should not come from the kernel mode.
> + */
There's no "the user mode" or "the kernel mode" - just "user mode" or
"kernel mode".
> +DEFINE_IDTENTRY_ERRORCODE(exc_control_protection)
> +{
> + struct task_struct *tsk;
> +
> + if (!user_mode(regs)) {
> + if (notify_die(DIE_TRAP, "control protection fault", regs,
> + error_code, X86_TRAP_CP, SIGSEGV) == NOTIFY_STOP)
> + return;
> + die("Upexpected/unsupported kernel control protection fault",
> regs, error_code);
Isn't the machine supposed to panic() here and do no further progress?
> + }
> +
> + cond_local_irq_enable(regs);
> +
> + if (!boot_cpu_has(X86_FEATURE_CET))
> + WARN_ONCE(1, "Control protection fault with CET support
> disabled\n");
> +
> + tsk = current;
> + tsk->thread.error_code = error_code;
> + tsk->thread.trap_nr = X86_TRAP_CP;
> +
> + if (show_unhandled_signals && unhandled_signal(tsk, SIGSEGV) &&
> + printk_ratelimit()) {
WARNING: Prefer printk_ratelimited or pr_<level>_ratelimited to printk_ratelimit
#136: FILE: arch/x86/kernel/traps.c:645:
+ printk_ratelimit()) {
Still not using checkpatch?
> + unsigned int max_err;
> + unsigned long ssp;
> +
> + max_err = ARRAY_SIZE(control_protection_err) - 1;
> + if ((error_code < 0) || (error_code > max_err))
> + error_code = 0;
> +
> + rdmsrl(MSR_IA32_PL3_SSP, ssp);
> + pr_info("%s[%d] control protection ip:%lx sp:%lx ssp:%lx
> error:%lx(%s)",
If anything, all this stuff should be pr_emerg().
> + tsk->comm, task_pid_nr(tsk),
> + regs->ip, regs->sp, ssp, error_code,
> + control_protection_err[error_code]);
> + print_vma_addr(KERN_CONT " in ", regs->ip);
> + pr_cont("\n");
> + }
> +
> + force_sig_fault(SIGSEGV, SEGV_CPERR,
> + (void __user *)uprobe_get_trap_addr(regs));
> + cond_local_irq_disable(regs);
> +}
> +#endif
> +
> static bool do_int3(struct pt_regs *regs)
> {
> int res;
> diff --git a/include/uapi/asm-generic/siginfo.h
> b/include/uapi/asm-generic/siginfo.h
> index d2597000407a..1c2ea91284a0 100644
> --- a/include/uapi/asm-generic/siginfo.h
> +++ b/include/uapi/asm-generic/siginfo.h
> @@ -231,7 +231,8 @@ typedef struct siginfo {
> #define SEGV_ADIPERR 7 /* Precise MCD exception */
> #define SEGV_MTEAERR 8 /* Asynchronous ARM MTE error */
> #define SEGV_MTESERR 9 /* Synchronous ARM MTE exception */
> -#define NSIGSEGV 9
> +#define SEGV_CPERR 10 /* Control protection fault */
> +#define NSIGSEGV 10
This looks like it needs documentation in this manpage:
https://www.man7.org/linux/man-pages/man2/sigaction.2.html
+ Michael.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
