summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorLai Jiangshan <jiangshan.ljs@antfin.com>2021-06-22 09:45:32 +0800
committerLai Jiangshan <jiangshan.ljs@antfin.com>2021-06-22 12:50:52 +0800
commit49ada65f4c37a4384ce4f9dc0cf98317207d4472 (patch)
treead2ae9e8529d0e3147339e374c796201c1810105
parent04a81bc33664b7f7b3da0666b9296e5aaf0f63e7 (diff)
Disconnect call-chain between sighandler() and bluepill().
When sentry is running in guest ring0, the goroutine stack is changing and it will not be the stack when bluepill() is called. If PMU interrupt hits when the CPU is in host ring 0, the perf handler will try to get the stack of the kernel and the userspace(sentry). It can travel back to sighandler() and try to continue to the stack of the goroutine with the outdated frame pointer if sentry has been running in the guest. The perf handler can't record correct addresses from the outdated and wrong frames. Those addresses are often irresolvable, and even if it is resolvable accidentally, it would be misleading names. To fix the problem, we just set the frame pointer(%RBP) to zero and disconnect the link when the zeroed frame pointer is saved in the frame in bluepillHandler(). Signed-off-by: Lai Jiangshan <jiangshan.ljs@antfin.com>
-rw-r--r--pkg/sentry/platform/kvm/bluepill_amd64.s8
1 files changed, 8 insertions, 0 deletions
diff --git a/pkg/sentry/platform/kvm/bluepill_amd64.s b/pkg/sentry/platform/kvm/bluepill_amd64.s
index 953024600..c2a1dca11 100644
--- a/pkg/sentry/platform/kvm/bluepill_amd64.s
+++ b/pkg/sentry/platform/kvm/bluepill_amd64.s
@@ -37,7 +37,15 @@ TEXT ·bluepill(SB),NOSPLIT,$0
begin:
MOVQ vcpu+0(FP), AX
LEAQ VCPU_CPU(AX), BX
+
+ // The gorountine stack will be changed in guest which renders
+ // the frame pointer outdated and misleads perf tools.
+ // Disconnect the frame-chain with the zeroed frame pointer
+ // when it is saved in the frame in bluepillHandler().
+ MOVQ BP, CX
+ MOVQ $0, BP
BYTE CLI;
+ MOVQ CX, BP
check_vcpu:
MOVQ ENTRY_CPU_SELF(GS), CX
CMPQ BX, CX