1 #include <linux/sched.h> 2 #include <asm/ptrace.h> 3 #include <asm/bitops.h> 4 #include <asm/stacktrace.h> 5 #include <asm/unwind.h> 6 7 #define FRAME_HEADER_SIZE (sizeof(long) * 2) 8 9 static void unwind_dump(struct unwind_state *state, unsigned long *sp) 10 { 11 static bool dumped_before = false; 12 bool prev_zero, zero = false; 13 unsigned long word; 14 15 if (dumped_before) 16 return; 17 18 dumped_before = true; 19 20 printk_deferred("unwind stack type:%d next_sp:%p mask:%lx graph_idx:%d\n", 21 state->stack_info.type, state->stack_info.next_sp, 22 state->stack_mask, state->graph_idx); 23 24 for (sp = state->orig_sp; sp < state->stack_info.end; sp++) { 25 word = READ_ONCE_NOCHECK(*sp); 26 27 prev_zero = zero; 28 zero = word == 0; 29 30 if (zero) { 31 if (!prev_zero) 32 printk_deferred("%p: %016x ...\n", sp, 0); 33 continue; 34 } 35 36 printk_deferred("%p: %016lx (%pB)\n", sp, word, (void *)word); 37 } 38 } 39 40 unsigned long unwind_get_return_address(struct unwind_state *state) 41 { 42 unsigned long addr; 43 unsigned long *addr_p = unwind_get_return_address_ptr(state); 44 45 if (unwind_done(state)) 46 return 0; 47 48 if (state->regs && user_mode(state->regs)) 49 return 0; 50 51 addr = ftrace_graph_ret_addr(state->task, &state->graph_idx, *addr_p, 52 addr_p); 53 54 if (!__kernel_text_address(addr)) { 55 printk_deferred_once(KERN_WARNING 56 "WARNING: unrecognized kernel stack return address %p at %p in %s:%d\n", 57 (void *)addr, addr_p, state->task->comm, 58 state->task->pid); 59 unwind_dump(state, addr_p); 60 return 0; 61 } 62 63 return addr; 64 } 65 EXPORT_SYMBOL_GPL(unwind_get_return_address); 66 67 static size_t regs_size(struct pt_regs *regs) 68 { 69 /* x86_32 regs from kernel mode are two words shorter: */ 70 if (IS_ENABLED(CONFIG_X86_32) && !user_mode(regs)) 71 return sizeof(*regs) - 2*sizeof(long); 72 73 return sizeof(*regs); 74 } 75 76 static bool is_last_task_frame(struct unwind_state *state) 77 { 78 unsigned long bp = (unsigned long)state->bp; 79 unsigned long regs = (unsigned long)task_pt_regs(state->task); 80 81 /* 82 * We have to check for the last task frame at two different locations 83 * because gcc can occasionally decide to realign the stack pointer and 84 * change the offset of the stack frame by a word in the prologue of a 85 * function called by head/entry code. 86 */ 87 return bp == regs - FRAME_HEADER_SIZE || 88 bp == regs - FRAME_HEADER_SIZE - sizeof(long); 89 } 90 91 /* 92 * This determines if the frame pointer actually contains an encoded pointer to 93 * pt_regs on the stack. See ENCODE_FRAME_POINTER. 94 */ 95 static struct pt_regs *decode_frame_pointer(unsigned long *bp) 96 { 97 unsigned long regs = (unsigned long)bp; 98 99 if (!(regs & 0x1)) 100 return NULL; 101 102 return (struct pt_regs *)(regs & ~0x1); 103 } 104 105 static bool update_stack_state(struct unwind_state *state, void *addr, 106 size_t len) 107 { 108 struct stack_info *info = &state->stack_info; 109 enum stack_type orig_type = info->type; 110 111 /* 112 * If addr isn't on the current stack, switch to the next one. 113 * 114 * We may have to traverse multiple stacks to deal with the possibility 115 * that 'info->next_sp' could point to an empty stack and 'addr' could 116 * be on a subsequent stack. 117 */ 118 while (!on_stack(info, addr, len)) 119 if (get_stack_info(info->next_sp, state->task, info, 120 &state->stack_mask)) 121 return false; 122 123 if (!state->orig_sp || info->type != orig_type) 124 state->orig_sp = addr; 125 126 return true; 127 } 128 129 bool unwind_next_frame(struct unwind_state *state) 130 { 131 struct pt_regs *regs; 132 unsigned long *next_bp, *next_frame; 133 size_t next_len; 134 enum stack_type prev_type = state->stack_info.type; 135 136 if (unwind_done(state)) 137 return false; 138 139 /* have we reached the end? */ 140 if (state->regs && user_mode(state->regs)) 141 goto the_end; 142 143 if (is_last_task_frame(state)) { 144 regs = task_pt_regs(state->task); 145 146 /* 147 * kthreads (other than the boot CPU's idle thread) have some 148 * partial regs at the end of their stack which were placed 149 * there by copy_thread_tls(). But the regs don't have any 150 * useful information, so we can skip them. 151 * 152 * This user_mode() check is slightly broader than a PF_KTHREAD 153 * check because it also catches the awkward situation where a 154 * newly forked kthread transitions into a user task by calling 155 * do_execve(), which eventually clears PF_KTHREAD. 156 */ 157 if (!user_mode(regs)) 158 goto the_end; 159 160 /* 161 * We're almost at the end, but not quite: there's still the 162 * syscall regs frame. Entry code doesn't encode the regs 163 * pointer for syscalls, so we have to set it manually. 164 */ 165 state->regs = regs; 166 state->bp = NULL; 167 return true; 168 } 169 170 /* get the next frame pointer */ 171 if (state->regs) 172 next_bp = (unsigned long *)state->regs->bp; 173 else 174 next_bp = (unsigned long *)*state->bp; 175 176 /* is the next frame pointer an encoded pointer to pt_regs? */ 177 regs = decode_frame_pointer(next_bp); 178 if (regs) { 179 next_frame = (unsigned long *)regs; 180 next_len = sizeof(*regs); 181 } else { 182 next_frame = next_bp; 183 next_len = FRAME_HEADER_SIZE; 184 } 185 186 /* make sure the next frame's data is accessible */ 187 if (!update_stack_state(state, next_frame, next_len)) { 188 /* 189 * Don't warn on bad regs->bp. An interrupt in entry code 190 * might cause a false positive warning. 191 */ 192 if (state->regs) 193 goto the_end; 194 195 goto bad_address; 196 } 197 198 /* Make sure it only unwinds up and doesn't overlap the last frame: */ 199 if (state->stack_info.type == prev_type) { 200 if (state->regs && (void *)next_frame < (void *)state->regs + regs_size(state->regs)) 201 goto bad_address; 202 203 if (state->bp && (void *)next_frame < (void *)state->bp + FRAME_HEADER_SIZE) 204 goto bad_address; 205 } 206 207 /* move to the next frame */ 208 if (regs) { 209 state->regs = regs; 210 state->bp = NULL; 211 } else { 212 state->bp = next_bp; 213 state->regs = NULL; 214 } 215 216 return true; 217 218 bad_address: 219 if (state->regs) { 220 printk_deferred_once(KERN_WARNING 221 "WARNING: kernel stack regs at %p in %s:%d has bad 'bp' value %p\n", 222 state->regs, state->task->comm, 223 state->task->pid, next_frame); 224 unwind_dump(state, (unsigned long *)state->regs); 225 } else { 226 printk_deferred_once(KERN_WARNING 227 "WARNING: kernel stack frame pointer at %p in %s:%d has bad value %p\n", 228 state->bp, state->task->comm, 229 state->task->pid, next_frame); 230 unwind_dump(state, state->bp); 231 } 232 the_end: 233 state->stack_info.type = STACK_TYPE_UNKNOWN; 234 return false; 235 } 236 EXPORT_SYMBOL_GPL(unwind_next_frame); 237 238 void __unwind_start(struct unwind_state *state, struct task_struct *task, 239 struct pt_regs *regs, unsigned long *first_frame) 240 { 241 unsigned long *bp, *frame; 242 size_t len; 243 244 memset(state, 0, sizeof(*state)); 245 state->task = task; 246 247 /* don't even attempt to start from user mode regs */ 248 if (regs && user_mode(regs)) { 249 state->stack_info.type = STACK_TYPE_UNKNOWN; 250 return; 251 } 252 253 /* set up the starting stack frame */ 254 bp = get_frame_pointer(task, regs); 255 regs = decode_frame_pointer(bp); 256 if (regs) { 257 state->regs = regs; 258 frame = (unsigned long *)regs; 259 len = sizeof(*regs); 260 } else { 261 state->bp = bp; 262 frame = bp; 263 len = FRAME_HEADER_SIZE; 264 } 265 266 /* initialize stack info and make sure the frame data is accessible */ 267 get_stack_info(frame, state->task, &state->stack_info, 268 &state->stack_mask); 269 update_stack_state(state, frame, len); 270 271 /* 272 * The caller can provide the address of the first frame directly 273 * (first_frame) or indirectly (regs->sp) to indicate which stack frame 274 * to start unwinding at. Skip ahead until we reach it. 275 */ 276 while (!unwind_done(state) && 277 (!on_stack(&state->stack_info, first_frame, sizeof(long)) || 278 state->bp < first_frame)) 279 unwind_next_frame(state); 280 } 281 EXPORT_SYMBOL_GPL(__unwind_start); 282