From: Greg Kroah-Hartman
Date: Mon, 14 Jun 2021 08:51:48 +0000 (+0200)
Subject: 4.4-stable patches
X-Git-Tag: v4.4.273~16
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d03ad6b06fb6dbe61044179bba96465134a68a04;p=thirdparty%2Fkernel%2Fstable-queue.git

4.4-stable patches

added patches:
	ftrace-do-not-blindly-read-the-ip-address-in-ftrace_bug.patch
---

diff --git a/queue-4.4/ftrace-do-not-blindly-read-the-ip-address-in-ftrace_bug.patch b/queue-4.4/ftrace-do-not-blindly-read-the-ip-address-in-ftrace_bug.patch new file mode 100644 index 00000000000..f52cf3c0b51 --- /dev/null +++ b/queue-4.4/ftrace-do-not-blindly-read-the-ip-address-in-ftrace_bug.patch 
@@ -0,0 +1,55 @@ +From 6c14133d2d3f768e0a35128faac8aa6ed4815051 Mon Sep 17 00:00:00 2001 +From: "Steven Rostedt (VMware)" +Date: Mon, 7 Jun 2021 21:39:08 -0400 +Subject: ftrace: Do not blindly read the ip address in ftrace_bug() + +From: Steven Rostedt (VMware) + +commit 6c14133d2d3f768e0a35128faac8aa6ed4815051 upstream. + +It was reported that a bug on arm64 caused a bad ip address to be used for +updating into a nop in ftrace_init(), but the error path (rightfully) +returned -EINVAL and not -EFAULT, as the bug caused more than one error to +occur. But because -EINVAL was returned, the ftrace_bug() tried to report +what was at the location of the ip address, and read it directly. This +caused the machine to panic, as the ip was not pointing to a valid memory +address. + +Instead, read the ip address with copy_from_kernel_nofault() to safely +access the memory, and if it faults, report that the address faulted, +otherwise report what was in that location. + +Link: https://lore.kernel.org/lkml/20210607032329.28671-1-mark-pk.tsai@mediatek.com/ + +Cc: stable@vger.kernel.org +Fixes: 05736a427f7e1 ("ftrace: warn on failure to disable mcount callers") +Reported-by: Mark-PK Tsai +Tested-by: Mark-PK Tsai +Signed-off-by: Steven Rostedt (VMware) +Signed-off-by: Greg Kroah-Hartman +--- + kernel/trace/ftrace.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +--- a/kernel/trace/ftrace.c ++++ b/kernel/trace/ftrace.c +@@ -1943,12 +1943,18 @@ static int ftrace_hash_ipmodify_update(s + + static void print_ip_ins(const char *fmt, unsigned char *p) + { ++ char ins[MCOUNT_INSN_SIZE]; + int i; + ++ if (probe_kernel_read(ins, p, MCOUNT_INSN_SIZE)) { ++ printk(KERN_CONT "%s[FAULT] %px\n", fmt, p); ++ return; ++ } ++ + printk(KERN_CONT "%s", fmt); + + for (i = 0; i < MCOUNT_INSN_SIZE; i++) +- printk(KERN_CONT "%s%02x", i ? ":" : "", p[i]); ++ printk(KERN_CONT "%s%02x", i ? ":" : "", ins[i]); + } + + static struct ftrace_ops * 
diff --git a/queue-4.4/series b/queue-4.4/series index 6d7dfb061d2..5cbcf528819 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -31,3 +31,4 @@ perf-session-correct-buffer-copying-when-peeking-eve.patch kvm-fix-previous-commit-for-32-bit-builds.patch nfsv4-nfs4_proc_set_acl-needs-to-restore-nfs_cap_uidgid_nomap-on-error.patch scsi-core-only-put-parent-device-if-host-state-differs-from-shost_created.patch +ftrace-do-not-blindly-read-the-ip-address-in-ftrace_bug.patch
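
Review bot: In print_ip_ins() in the queued ftrace patch, the new buffer is declared as `char ins[MCOUNT_INSN_SIZE]` but its bytes are printed with `%02x`, so on any architecture where plain char is signed an instruction byte of 0x80 or above is sign-extended on promotion to int and prints as eight hex digits (for example ffffffe8 instead of e8). The removed line read through `unsigned char *p` and did not have this problem; declaring the buffer as `unsigned char ins[MCOUNT_INSN_SIZE]` keeps the dump format unchanged. Separately, the changelog says the read is done with copy_from_kernel_nofault() while the hunk calls probe_kernel_read(); a short backport note in the commit message naming the helper actually used in this tree would save anyone comparing it against the upstream commit from wondering whether the hunk was mis-applied.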