Re: [RFC PATCH v3 2/4] arm64: Check the return PC against unreliable code sections

From: Mark Brown
Date: Wed May 05 2021 - 13:23:38 EST


On Tue, May 04, 2021 at 02:32:35PM -0500, Madhavan T. Venkataraman wrote:

> If you prefer, I could do something like this:
>
> check_pc:
> 	if (!__kernel_text_address(frame->pc))
> 		frame->reliable = false;
>
> 	range = lookup_range(frame->pc);
>
> #ifdef CONFIG_FUNCTION_GRAPH_TRACER
> 	if (tsk->ret_stack &&
> 	    frame->pc == (unsigned long)return_to_handler) {
> 		...
> 		frame->pc = ret_stack->ret;
> 		frame->pc = ptrauth_strip_insn_pac(frame->pc);
> 		goto check_pc;
> 	}
> #endif /* CONFIG_FUNCTION_GRAPH_TRACER */

> Is that acceptable?

I think that works, even if it's hard to love the goto; might want some
defensiveness to ensure we can't somehow end up in an infinite loop with
a sufficiently badly formed stack.
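The loop-bounding concern raised above, as an added userspace model that is not code from the patch series or from either participant. It models the check_pc loop with a hop bound: every pass through the return_to_handler trampoline consumes one ret_stack entry, so more hops than there are entries means the stack is malformed and the frame is marked unreliable instead of spinning. The text range, trampoline address, PAC bit layout, and the struct/function names (task_model, frame_model, check_pc, run_case) are all assumptions made for the model, not the kernel's definitions.

```c
/* Added example (not from the patch or the thread): a userspace model of
 * the check_pc loop, with a hop bound so a corrupt ret_stack cannot spin
 * the unwinder forever. All addresses and names below are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed kernel text range and graph-tracer trampoline (model only). */
#define KTEXT_START        0xffff800010000000UL
#define KTEXT_END          0xffff800011000000UL
#define RETURN_TO_HANDLER  0xffff800010000100UL /* inside KTEXT */
/* Assumed PAC field for a 48-bit VA: bits 54..48. For a kernel address
 * (bit 55 set) stripping the PAC means setting these bits back to 1. */
#define PAC_MASK           0x007f000000000000UL

struct ret_entry  { unsigned long ret; };
struct task_model { const struct ret_entry *ret_stack; int depth; };
struct frame_model { unsigned long pc; bool reliable; };

static bool kernel_text_address(unsigned long pc)
{
	return pc >= KTEXT_START && pc < KTEXT_END;
}

/* Model of ptrauth_strip_insn_pac() for kernel-space pointers. */
static unsigned long strip_pac(unsigned long pc)
{
	return pc | PAC_MASK;
}

/* Resolve frame->pc through the trampoline. Returns the number of hops
 * taken, or -1 if the hop bound was hit (frame is then unreliable).
 * *ret_idx is the next ret_stack entry to consume, as the real unwinder
 * tracks per frame; it can never advance past tsk->depth. */
static int check_pc(struct frame_model *frame, const struct task_model *tsk,
		    int *ret_idx)
{
	int hops = 0;

	for (;;) {
		if (!kernel_text_address(frame->pc))
			frame->reliable = false;

		if (!tsk->ret_stack || frame->pc != RETURN_TO_HANDLER)
			return hops;

		/* Defensive bound: a well-formed stack has one ret_stack
		 * entry per trampoline hop. Running out means corruption. */
		if (*ret_idx >= tsk->depth) {
			frame->reliable = false;
			return -1;
		}

		frame->pc = strip_pac(tsk->ret_stack[(*ret_idx)++].ret);
		hops++;
	}
}

/* Drive one scenario: start_pc plus a constructed ret_stack of `depth`
 * return addresses. Fills *out with the resolved frame. */
static int run_case(unsigned long start_pc, const unsigned long *rets,
		    int depth, struct frame_model *out)
{
	struct ret_entry stack[8];
	struct task_model tsk = { .ret_stack = rets ? stack : NULL,
				  .depth = depth };
	int idx = 0;

	for (int i = 0; i < depth && i < 8; i++)
		stack[i].ret = rets[i];

	out->pc = start_pc;
	out->reliable = true;
	return check_pc(out, &tsk, &idx);
}

int main(void)
{
	struct frame_model f;
	/* Constructed inputs: a PAC-signed return address and a corrupt
	 * ret_stack whose entries point back at the trampoline. */
	const unsigned long good[] = { 0xffaa800010000200UL };
	const unsigned long bad[]  = { RETURN_TO_HANDLER, RETURN_TO_HANDLER };

	printf("plain:   hops=%d pc=%lx reliable=%d\n",
	       run_case(0xffff800010000400UL, NULL, 0, &f), f.pc, f.reliable);
	printf("tramp:   hops=%d pc=%lx reliable=%d\n",
	       run_case(RETURN_TO_HANDLER, good, 1, &f), f.pc, f.reliable);
	printf("corrupt: hops=%d pc=%lx reliable=%d\n",
	       run_case(RETURN_TO_HANDLER, bad, 2, &f), f.pc, f.reliable);
	return 0;
}
```

The bound is the ret_stack depth itself rather than an arbitrary constant, because on a well-formed stack the unwinder can only pass through the trampoline as many times as there are graph-tracer return entries; anything beyond that is evidence of a malformed stack and is reported as an unreliable frame rather than retried.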
