[PATCH v15 10/20] unwind_user/sframe: Remove .sframe section on detected corruption
From: Jens Remus
Date: Wed May 20 2026 - 11:50:05 EST
From: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>

To avoid continued attempted use of a bad .sframe section, remove it
on demand when the first sign of corruption is detected.

Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx>
Reviewed-by: Indu Bhagat <ibhagatgnu@xxxxxxxxx>
Signed-off-by: Jens Remus <jremus@xxxxxxxxxxxxx>
---
Notes (jremus):
Changes in v15:
- sframe_find(): Align to normalized error code usage and remove .sframe
for all but ENOENT. Also remove if user_read_access_begin() fails.
kernel/unwind/sframe.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/kernel/unwind/sframe.c b/kernel/unwind/sframe.c
index f723c1a32f90..02331956009a 100644
--- a/kernel/unwind/sframe.c
+++ b/kernel/unwind/sframe.c
@@ -360,16 +360,23 @@ int sframe_find(unsigned long ip, struct unwind_user_frame *frame)
return -ENOENT;
if (!user_read_access_begin((void __user *)sec->sframe_start,
- sec->sframe_end - sec->sframe_start))
- return -EFAULT;
+ sec->sframe_end - sec->sframe_start)) {
+ ret = -EFAULT;
+ goto end;
+ }
ret = __find_fde(sec, ip, &fde);
if (ret)
- goto end;
+ goto end_uaccess;
ret = __find_fre(sec, &fde, ip, frame);
-end:
+end_uaccess:
user_read_access_end();
+
+end:
+ if (ret && ret != -ENOENT)
+ WARN_ON_ONCE(sframe_remove_section(sec->sframe_start));
+
return ret;
}
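Review bot: At the new `end:` label, `WARN_ON_ONCE(sframe_remove_section(sec->sframe_start))` sits on a path that is reached from user-supplied .sframe contents, so whether it can fire depends entirely on when sframe_remove_section() returns nonzero. If that can happen because another thread sharing the mm hit the same corruption and removed the section first, the warning becomes triggerable from userspace, which matters on systems running with panic_on_warn; in that case consider ignoring the return value there or downgrading to a rate-limited debug message. Separately, the `ret && ret != -ENOENT` test treats every other error from __find_fde() and __find_fre(), including -EFAULT, the same way as the user_read_access_begin() failure and removes the section. A short comment at `end:` saying why -ENOENT is exempt and that all other codes are taken as a sign of corruption would put that intent in the code, since it is currently stated only in the v15 notes.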
--
2.51.0