    powerpc: Fix null pointer deref in perf hardware breakpoints · 6d9c00c6
    Michael Neuling authored
    Currently if you are doing a global perf recording with hardware
    breakpoints (ie perf record -e mem:0xdeadbeef -a), you can oops with:
    
      Faulting instruction address: 0xc000000000738890
      cpu 0xc: Vector: 300 (Data Access) at [c0000003f76af8d0]
          pc: c000000000738890: .hw_breakpoint_handler+0xa0/0x1e0
          lr: c000000000738830: .hw_breakpoint_handler+0x40/0x1e0
          sp: c0000003f76afb50
         msr: 8000000000001032
         dar: 6f0
       dsisr: 42000000
        current = 0xc0000003f765ac00
        paca    = 0xc00000000f262a00   softe: 0        irq_happened: 0x01
        pid   = 6810, comm = loop-read
      enter ? for help
      [c0000003f76afbe0] c00000000073cd04 .notifier_call_chain.isra.0+0x84/0xe0
      [c0000003f76afc80] c00000000073cdbc .notify_die+0x3c/0x60
      [c0000003f76afd20] c0000000000139f0 .do_dabr+0x40/0xf0
      [c0000003f76afe30] c000000000005a9c handle_dabr_fault+0x14/0x48
      --- Exception: 300 (Data Access) at 0000000010000480
      SP (ff8679e0) is in userspace
    
    This is because we don't check to see if the breakpoint is associated
    with a task before we dereference the task_struct pointer.
    
    This changes the update to use current.
    Signed-off-by: Michael Neuling <mikey@neuling.org>
    Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
hw_breakpoint.c 9.03 KB
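An added C model of the failure mode the commit message describes, not the kernel's own code: a CPU-wide (`perf record -a`) event has no owning task, so a handler that dereferences the event's task pointer faults, while one that records the hit on the task currently running does not. All struct and function names below are hypothetical stand-ins for the real kernel structures.

```c
/* Added model of the bug in the commit above; not the kernel's code. All
 * names here (task, perf_ctx, bp_event, current_task, bp_handler_*) are
 * hypothetical stand-ins for the real structures. */
#include <stddef.h>
#include <stdbool.h>

struct bp_event;
struct task { const struct bp_event *last_hit_ubp; }; /* thread.last_hit_ubp */
/* Task-bound events carry an owning task; CPU-wide ones (perf -a) do not. */
struct perf_ctx { struct task *task; };
struct bp_event { struct perf_ctx *ctx; };

/* Stand-in for the kernel's 'current' (the task running on this CPU). */
static struct task *current_task;

/* Buggy form: assumes the event is owned by a task. Returns false instead of
 * dereferencing NULL so the model can run; the kernel version oopsed here. */
bool bp_handler_buggy(struct bp_event *bp)
{
    struct task *owner = bp->ctx->task;
    if (owner == NULL)
        return false;
    owner->last_hit_ubp = bp;
    return true;
}

/* Fixed form: record the hit on the task that actually tripped the
 * breakpoint, which exists for both task-bound and CPU-wide events. */
bool bp_handler_fixed(struct bp_event *bp)
{
    current_task->last_hit_ubp = bp;
    return true;
}

/* Constructed scenario: a CPU-wide breakpoint hit while 'hitter' runs.
 * Returns true when only the fixed handler records the hit on hitter. */
bool demo_global_event(void)
{
    struct task hitter = { .last_hit_ubp = NULL };
    struct perf_ctx cpu_ctx = { .task = NULL };
    struct bp_event bp = { .ctx = &cpu_ctx };

    current_task = &hitter;
    bool buggy_ok = bp_handler_buggy(&bp);
    bool fixed_ok = bp_handler_fixed(&bp);
    return !buggy_ok && fixed_ok && hitter.last_hit_ubp == &bp;
}
```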