[PATCH] i386: Disallow kprobes on NMI handlers

A kprobe executes IRET early and that could cause NMI recursion and stack corruption. Note: This problem was originally spotted by Andi Kleen. This patch adds fixes not included in his original patch. [AK: Jan Beulich originally discovered these classes of bugs] Signed-off-by: Fernando Vazquez <fernando@intellilink.co.jp> Signed-off-by: Andi Kleen <ak@suse.de>

[PATCH] i386: Disallow kprobes on NMI handlers
A kprobe executes IRET early and that could cause NMI recursion and stack corruption. Note: This problem was originally spotted by Andi Kleen. This patch adds fixes not included in his original patch. [AK: Jan Beulich originally discovered these classes of bugs] Signed-off-by: Fernando Vazquez <fernando@intellilink.co.jp> Signed-off-by: Andi Kleen <ak@suse.de>
Fernando Luis Vázquez Cao · Andi Kleen
1 parent e9dff0ee66
Showing 1 changed file with 5 additions and 3 deletions Side-by-side Diff
arch/i386/kernel/mca.c
@@ -42,6 +42,7 @@
 #include <linux/errno.h>
 #include <linux/kernel.h>
 #include <linux/mca.h>
+#include <linux/kprobes.h>
 #include <asm/system.h>
 #include <asm/io.h>
 #include <linux/proc_fs.h>
@@ -414,7 +415,8 @@
  
 /*--------------------------------------------------------------------*/
  
-static void mca_handle_nmi_device(struct mca_device *mca_dev, int check_flag)
+static __kprobes void
+mca_handle_nmi_device(struct mca_device *mca_dev, int check_flag)
 {
 	int slot = mca_dev->slot;
  
@@ -444,7 +446,7 @@
  
 /*--------------------------------------------------------------------*/
  
-static int mca_handle_nmi_callback(struct device *dev, void *data)
+static int __kprobes mca_handle_nmi_callback(struct device *dev, void *data)
 {
 	struct mca_device *mca_dev = to_mca_device(dev);
 	unsigned char pos5;
@@ -462,7 +464,7 @@
 	return 0;
 }
  
-void mca_handle_nmi(void)
+void __kprobes mca_handle_nmi(void)
 {
 	/* First try - scan the various adapters and see if a specific
 	 * adapter was responsible for the error.
...	...	@@ -42,6 +42,7 @@
42	42	#include <linux/errno.h>
43	43	#include <linux/kernel.h>
44	44	#include <linux/mca.h>
	45	+#include <linux/kprobes.h>
45	46	#include <asm/system.h>
46	47	#include <asm/io.h>
47	48	#include <linux/proc_fs.h>
...	...	@@ -414,7 +415,8 @@
414	415
415	416	/--------------------------------------------------------------------/
416	417
417		-static void mca_handle_nmi_device(struct mca_device *mca_dev, int check_flag)
	418	+static __kprobes void
	419	+mca_handle_nmi_device(struct mca_device *mca_dev, int check_flag)
418	420	{
419	421	int slot = mca_dev->slot;
420	422
...	...	@@ -444,7 +446,7 @@
444	446
445	447	/--------------------------------------------------------------------/
446	448
447		-static int mca_handle_nmi_callback(struct device dev, void data)
	449	+static int __kprobes mca_handle_nmi_callback(struct device dev, void data)
448	450	{
449	451	struct mca_device *mca_dev = to_mca_device(dev);
450	452	unsigned char pos5;
...	...	@@ -462,7 +464,7 @@
462	464	return 0;
463	465	}
464	466
465		-void mca_handle_nmi(void)
	467	+void __kprobes mca_handle_nmi(void)
466	468	{
467	469	/* First try - scan the various adapters and see if a specific
468	470	* adapter was responsible for the error.