From 029c8ac062d1ba113e7112f3e44b23cca207cc94 Mon Sep 17 00:00:00 2001 From: Michael Karcher Date: Wed, 12 Jun 2019 15:08:37 +0200 Subject: [PATCH] arch/sh: Check for kprobe trap number before trying to handle a kprobe trap The DIE_TRAP notifier chain is run both for kprobe traps and for BUG/WARN traps. The kprobe code assumes to be only called for BREAKPOINT_INSTRUCTION, and concludes to have hit a concurrently removed kprobe if it finds anything else at the faulting locations. This includes TRAPA_BUG_OPCODE used for BUG and WARN. The consequence is that kprobe_handler returns 1. This makes kprobe_exceptions_notify return NOTIFY_STOP, and prevents handling the BUG statement. This also prevents moving $pc away from the trap instruction, so the system locks up in an endless loop Signed-off-by: Michael Karcher Gbp-Pq: Topic bugfix/sh Gbp-Pq: Name sh-check-for-kprobe-trap-number-before-trying-to-handle-a-kprobe-trap.patch --- arch/sh/kernel/kprobes.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/sh/kernel/kprobes.c b/arch/sh/kernel/kprobes.c index 1f8c0d30567..318296f48f1 100644 --- a/arch/sh/kernel/kprobes.c +++ b/arch/sh/kernel/kprobes.c @@ -485,7 +485,8 @@ int __kprobes kprobe_exceptions_notify(struct notifier_block *self, struct kprobe_ctlblk *kcb = get_kprobe_ctlblk(); addr = (kprobe_opcode_t *) (args->regs->pc); - if (val == DIE_TRAP) { + if (val == DIE_TRAP && + args->trapnr == (BREAKPOINT_INSTRUCTION & 0xff)) { if (!kprobe_running()) { if (kprobe_handler(args->regs)) { ret = NOTIFY_STOP; -- 2.30.2
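Review bot: The new condition `args->trapnr == (BREAKPOINT_INSTRUCTION & 0xff)` in the `kprobe_exceptions_notify` hunk bakes in an undocumented assumption, namely that the trap number passed through the DIE_TRAP notifier is exactly the low byte of the breakpoint opcode (the trapa immediate) and nothing else; a one-line comment above the `if` stating that relationship, or a named macro for the expected trap number in place of the inline `& 0xff` mask, would make the intent clear to the next reader and keep the check from silently breaking if either BREAKPOINT_INSTRUCTION or the trapnr encoding changes. The fix itself addresses the problem the commit message describes: without the trap-number filter, `kprobe_handler` is invoked for the BUG/WARN trapa as well, finds an opcode other than BREAKPOINT_INSTRUCTION at `addr`, returns 1, and the resulting NOTIFY_STOP suppresses BUG handling and leaves `$pc` on the trap instruction. It would also be worth confirming that no other DIE_TRAP consumer relies on kprobes having previously swallowed these events.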