• Kees Cook's avatar
    lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() · 1b4cfe3c
    Kees Cook authored
    Commit b8347c21 ("x86/debug: Handle warnings before the notifier
    chain, to fix KGDB crash") changed the ordering of fixups, and did not
    take into account the case of x86 processing non-WARN() and non-BUG()
    exceptions.  This would lead to output of a false BUG line with no other
    information.
    
    In the case of a refcount exception, it would be immediately followed by
    the refcount WARN(), producing very strange double-"cut here":
    
      lkdtm: attempting bad refcount_inc() overflow
      ------------[ cut here ]------------
      Kernel BUG at 0000000065f29de5 [verbose debug info unavailable]
      ------------[ cut here ]------------
      refcount_t overflow at lkdtm_REFCOUNT_INC_OVERFLOW+0x6b/0x90 in cat[3065], uid/euid: 0/0
      WARNING: CPU: 0 PID: 3065 at kernel/panic.c:657 refcount_error_report+0x9a/0xa4
      ...
    
    In the prior ordering, exceptions were searched first:
    
       do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str,
       ...
                    if (fixup_exception(regs, trapnr))
                            return 0;
    
      -               if (fixup_bug(regs, trapnr))
      -                       return 0;
      -
    
    As a result, fixup_bugs()'s is_valid_bugaddr() didn't take into account
    needing to search the exception list first, since that had already
    happened.
    
    So, instead of searching the exception list twice (once in
    is_valid_bugaddr() and then again in fixup_exception()), just add a
    simple sanity check to report_bug() that will immediately bail out if a
    BUG() (or WARN()) entry is not found.
    
    Link: http://lkml.kernel.org/r/20180301225934.GA34350@beast
    Fixes: b8347c21 ("x86/debug: Handle warnings before the notifier chain, to fix KGDB crash")
    Signed-off-by: default avatarKees Cook <keescook@chromium.org>
    Cc: Ingo Molnar <mingo@kernel.org>
    Cc: Thomas Gleixner <tglx@linutronix.de>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: Borislav Petkov <bp@alien8.de>
    Cc: Richard Weinberger <richard.weinberger@gmail.com>
    Cc: <stable@vger.kernel.org>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    1b4cfe3c
Name
Last commit
Last update
Documentation Loading commit data...
LICENSES Loading commit data...
arch Loading commit data...
block Loading commit data...
certs Loading commit data...
crypto Loading commit data...
drivers Loading commit data...
firmware Loading commit data...
fs Loading commit data...
include Loading commit data...
init Loading commit data...
ipc Loading commit data...
kernel Loading commit data...
lib Loading commit data...
mm Loading commit data...
net Loading commit data...
samples Loading commit data...
scripts Loading commit data...
security Loading commit data...
sound Loading commit data...
tools Loading commit data...
usr Loading commit data...
virt Loading commit data...
.cocciconfig Loading commit data...
.get_maintainer.ignore Loading commit data...
.gitattributes Loading commit data...
.gitignore Loading commit data...
.mailmap Loading commit data...
COPYING Loading commit data...
CREDITS Loading commit data...
Kbuild Loading commit data...
Kconfig Loading commit data...
MAINTAINERS Loading commit data...
Makefile Loading commit data...
README Loading commit data...