[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Libunwind-devel] [PATCH] x86_64: fix mincore_validate and msync_validat
From: |
Dave Watson |
Subject: |
[Libunwind-devel] [PATCH] x86_64: fix mincore_validate and msync_validate |
Date: |
Fri, 18 Aug 2017 08:16:17 -0700 |
User-agent: |
Mutt/1.6.0 (2016-04-01) |
The calls to mincore() or msync() are not checking for actual accessibility
this could lead to SIGSEGV if the address from a mapped page with the
PROT_NONE property occurs on the stack.
Hence an attempt to write one byte from the checked address to a pipe will
fail if the address is not readable.
V2 -> V3:
Use a nonblocking pipe to avoid setting a global SIGPIPE handler, and also
handle EINTR
Add a test
Also adds for x86 code
V1 -> V2:
Attempt to handle SIGPIPE, use CLOEXEC
https://github.com/libunwind/libunwind/pull/7
V1:
http://lists.nongnu.org/archive/html/libunwind-devel/2016-09/msg00001.html
---
src/x86/Gglobal.c | 2 +
src/x86/Ginit.c | 47 ++++++++++++++-
src/x86_64/Ginit.c | 50 +++++++++++++++-
tests/Ltest-mem-validate.c | 143 +++++++++++++++++++++++++++++++++++++++++++++
tests/Makefile.am | 4 +-
5 files changed, 242 insertions(+), 4 deletions(-)
create mode 100644 tests/Ltest-mem-validate.c
diff --git a/src/x86/Gglobal.c b/src/x86/Gglobal.c
index 132b8249..3625b5b5 100644
--- a/src/x86/Gglobal.c
+++ b/src/x86/Gglobal.c
@@ -57,6 +57,8 @@ tdep_init (void)
dwarf_init ();
+ init_mem_validate ();
+
#ifndef UNW_REMOTE_ONLY
x86_local_addr_space_init ();
#endif
diff --git a/src/x86/Ginit.c b/src/x86/Ginit.c
index 876990fe..01e5e410 100644
--- a/src/x86/Ginit.c
+++ b/src/x86/Ginit.c
@@ -78,6 +78,45 @@ get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t
*dyn_info_list_addr,
#define PAGE_SIZE 4096
#define PAGE_START(a) ((a) & ~(PAGE_SIZE-1))
+static int validate_pipe[2];
+
+static void
+open_pipe (int needclose)
+{
+ if (needclose)
+ {
+ close(validate_pipe[1]);
+ close(validate_pipe[0]);
+ }
+
+ pipe2(validate_pipe, O_CLOEXEC | O_NONBLOCK);
+}
+
+ALWAYS_INLINE
+static int
+write_validate (void *addr)
+{
+ int i;
+ for (i = 0; i < 2; i++)
+ {
+ char buf;
+ int bytes = read (validate_pipe[0], &buf, 1);
+ if (bytes >= 0 || errno == EAGAIN || errno == EWOULDBLOCK)
+ {
+
+ bytes = write(validate_pipe[1], addr, 1);
+ if (bytes == 1)
+ {
+ return 0;
+ }
+ }
+
+ open_pipe(1);
+ }
+
+ return -1;
+}
+
/* Cache of already validated addresses */
#define NLGA 4
static unw_word_t last_good_addr[NLGA];
@@ -129,7 +168,13 @@ validate_mem (unw_word_t addr)
victim = (victim + 1) % NLGA;
lga_victim = victim;
- return 0;
+ return write_validate (addr);
+}
+
+HIDDEN void
+tdep_init_mem_validate (void)
+{
+ open_pipe(0);
}
static int
diff --git a/src/x86_64/Ginit.c b/src/x86_64/Ginit.c
index 2bb238e1..e7df19ef 100644
--- a/src/x86_64/Ginit.c
+++ b/src/x86_64/Ginit.c
@@ -72,10 +72,54 @@ get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t
*dyn_info_list_addr,
#define PAGE_SIZE 4096
#define PAGE_START(a) ((a) & ~(PAGE_SIZE-1))
+static int validate_pipe[2];
+
+static void
+open_pipe (int needclose)
+{
+ if (needclose)
+ {
+ close(validate_pipe[1]);
+ close(validate_pipe[0]);
+ }
+
+ pipe2(validate_pipe, O_CLOEXEC | O_NONBLOCK);
+}
+
+ALWAYS_INLINE
+static int
+write_validate (void *addr)
+{
+ int i;
+ for (i = 0; i < 2; i++)
+ {
+ char buf;
+ int bytes = read (validate_pipe[0], &buf, 1);
+ if (bytes >= 0 || errno == EAGAIN || errno == EWOULDBLOCK)
+ {
+
+ bytes = write(validate_pipe[1], addr, 1);
+ if (bytes == 1)
+ {
+ return 0;
+ }
+ }
+
+ open_pipe(1);
+ }
+
+ return -1;
+}
+
static int (*mem_validate_func) (void *addr, size_t len);
static int msync_validate (void *addr, size_t len)
{
- return msync (addr, len, MS_ASYNC);
+ if (msync (addr, len, MS_ASYNC) != 0)
+ {
+ return -1;
+ }
+
+ return write_validate (addr);
}
#ifdef HAVE_MINCORE
@@ -96,7 +140,7 @@ static int mincore_validate (void *addr, size_t len)
if (!(mvec[i] & 1)) return -1;
}
- return 0;
+ return write_validate (addr);
}
#endif
@@ -125,6 +169,8 @@ tdep_init_mem_validate (void)
Debug(1, "using msync to validate memory\n");
mem_validate_func = msync_validate;
}
+
+ open_pipe(0);
}
/* Cache of already validated addresses */
diff --git a/tests/Ltest-mem-validate.c b/tests/Ltest-mem-validate.c
new file mode 100644
index 00000000..1cacb9f0
--- /dev/null
+++ b/tests/Ltest-mem-validate.c
@@ -0,0 +1,143 @@
+/* libunwind - a platform-independent unwind library
+ Copyright (C) 2003-2004 Hewlett-Packard Co
+ Contributed by David Mosberger-Tang <address@hidden>
+
+This file is part of libunwind.
+
+Copyright (c) 2003 Hewlett-Packard Co.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */
+
+#include "compiler.h"
+
+#include <libunwind.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <sys/resource.h>
+#include <sys/mman.h>
+
+#define panic(args...) \
+ { fprintf (stderr, args); exit (-1); }
+
+void * stack_start;
+
+#define PAGE_SIZE 4096
+
+void do_backtrace (void)
+{
+ void* buffer[1024];
+ int size = 1024;
+ mprotect((void*)((uintptr_t)stack_start & ~(PAGE_SIZE - 1)),
+ PAGE_SIZE, PROT_NONE);
+
+ unw_cursor_t cursor;
+ unw_word_t ip, sp;
+ unw_context_t uc;
+ int ret;
+ int steps = 0;
+
+ unw_getcontext (&uc);
+ if (unw_init_local (&cursor, &uc) < 0)
+ panic ("unw_init_local failed!\n");
+
+ do
+ {
+ unw_get_reg (&cursor, UNW_REG_IP, &ip);
+ unw_get_reg (&cursor, UNW_REG_SP, &sp);
+
+ ret = unw_step (&cursor);
+ if (ret < 0)
+ {
+ unw_get_reg (&cursor, UNW_REG_IP, &ip);
+ }
+ steps ++;
+ }
+ while (ret > 0);
+
+ if (steps < 5)
+ {
+ exit(-1);
+ }
+
+ mprotect((void*)((uintptr_t)stack_start & ~(PAGE_SIZE - 1)),
+ PAGE_SIZE, PROT_READ|PROT_WRITE);
+}
+
+void consume_and_run (int depth)
+{
+ unw_cursor_t cursor;
+ unw_context_t uc;
+ char string[1024];
+
+ sprintf (string, "hello %p %p\n", &cursor, &uc);
+ if (depth == 0) {
+ do_backtrace();
+ } else {
+ consume_and_run(depth - 1);
+ }
+}
+
+int
+main (int argc, char **argv UNUSED)
+{
+ int start;
+ unw_context_t uc;
+ unw_cursor_t cursor;
+
+ stack_start = &start;
+
+ // Initialize pipe mem validate check, opens file descriptors
+ unw_getcontext(&uc);
+ if (unw_init_local (&cursor, &uc) < 0)
+ panic ("unw_init_local failed!\n");
+
+ int i;
+ for (i = 3; i < 10; i++)
+ {
+
+ pid_t childpid = fork();
+ if (!childpid)
+ {
+ /* Close fds and make sure we still work */
+ int ret = close(i);
+ }
+
+ int status;
+ if (childpid)
+ {
+ wait(&status);
+ if (WIFEXITED(status))
+ return WEXITSTATUS(status);
+ else
+ return -1;
+ }
+ else
+ {
+ consume_and_run (10);
+
+ return 0;
+ }
+ }
+
+ return 0;
+}
diff --git a/tests/Makefile.am b/tests/Makefile.am
index c191c6bc..5d39a9e3 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -45,7 +45,7 @@ endif #!ARCH_IA64
Gtest-resume-sig Ltest-resume-sig \
Gtest-resume-sig-rt Ltest-resume-sig-rt \
Gtest-trace Ltest-trace \
- Ltest-init-local-signal \
+ Ltest-init-local-signal Ltest-mem-validate \
test-async-sig test-flush-cache test-init-remote \
test-mem test-reg-state Ltest-varargs \
Ltest-nomalloc Ltest-nocalloc Lrs-race
@@ -143,6 +143,7 @@ Ltest_init_SOURCES = Ltest-init.cxx
Ltest_cxx_exceptions_SOURCES = Ltest-cxx-exceptions.cxx
Ltest_init_local_signal_SOURCES = Ltest-init-local-signal.c
Ltest-init-local-signal-lib.c
+Ltest_mem_validate_SOURCES = Ltest-mem-validate.c
Gtest_dyn1_SOURCES = Gtest-dyn1.c flush-cache.S flush-cache.h
Ltest_dyn1_SOURCES = Ltest-dyn1.c flush-cache.S flush-cache.h
@@ -186,6 +187,7 @@ test_strerror_LDADD = $(LIBUNWIND)
Lrs_race_LDADD = $(LIBUNWIND_local) -lpthread
Ltest_varargs_LDADD = $(LIBUNWIND_local)
Ltest_init_local_signal_LDADD = $(LIBUNWIND) $(LIBUNWIND_local)
+Ltest_mem_validate_LDADD = $(LIBUNWIND) $(LIBUNWIND_local)
Gtest_bt_LDADD = $(LIBUNWIND) $(LIBUNWIND_local)
Gtest_concurrent_LDADD = $(LIBUNWIND) $(LIBUNWIND_local) -lpthread
--
2.13.5