From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Yu-cheng Yu, Andy Lutomirski, Borislav Petkov, Borislav Petkov, Dave Hansen, Fenghua Yu, "H. Peter Anvin", Linus Torvalds, Oleg Nesterov, Peter Zijlstra, Quentin Casasnovas, "Ravi V. Shankar", Sai Praneeth Prakhya, Thomas Gleixner, Ingo Molnar
Subject: [PATCH 4.4 05/24] x86/fpu: Disable AVX when eagerfpu is off
Date: Thu, 14 Jun 2018 16:05:00 +0200
Message-Id: <20180614132724.697953870@linuxfoundation.org>
In-Reply-To: <20180614132724.483802160@linuxfoundation.org>
References: <20180614132724.483802160@linuxfoundation.org>

4.4-stable review patch.  If anyone has any objections, please let me know.

------------------

From: yu-cheng yu

commit 394db20ca240741a08d472173db13d6f6a6e5a28 upstream.

When "eagerfpu=off" is given as a command-line input, the kernel
should disable AVX support.

The Task Switched bit used for lazy context switching does not
support AVX. If AVX is enabled without eagerfpu context
switching, one task's AVX state could become corrupted or leak
to other tasks. This is a bug and has bad security implications.

This only affects systems that have AVX/AVX2/AVX512 and this
issue will be found only when one actually uses AVX/AVX2/AVX512
_AND_ does eagerfpu=off.

Reference: Intel Software Developer's Manual Vol. 3A

Sec. 2.5 Control Registers:
TS Task Switched bit (bit 3 of CR0) -- Allows the saving of the
x87 FPU/MMX/SSE/SSE2/SSE3/SSSE3/SSE4 context on a task switch
to be delayed until an x87 FPU/MMX/SSE/SSE2/SSE3/SSSE3/SSE4
instruction is actually executed by the new task.

Sec. 13.4.1 Using the TS Flag to Control the Saving of the X87
FPU and SSE State
When the TS flag is set, the processor monitors the instruction
stream for x87 FPU, MMX, SSE instructions. When the processor
detects one of these instructions, it raises a
device-not-available exception (#NM) prior to executing the
instruction.

Signed-off-by: Yu-cheng Yu
Cc: Andy Lutomirski
Cc: Borislav Petkov
Cc: Borislav Petkov
Cc: Dave Hansen
Cc: Fenghua Yu
Cc: H. Peter Anvin
Cc: Linus Torvalds
Cc: Oleg Nesterov
Cc: Peter Zijlstra
Cc: Quentin Casasnovas
Cc: Ravi V. Shankar
Cc: Sai Praneeth Prakhya
Cc: Thomas Gleixner
Cc: yu-cheng yu
Link: http://lkml.kernel.org/r/1452119094-7252-5-git-send-email-yu-cheng.yu@intel.com
Signed-off-by: Ingo Molnar
Signed-off-by: Greg Kroah-Hartman
--- arch/x86/include/asm/fpu/xstate.h | 11 ++++++----- arch/x86/kernel/fpu/init.c | 6 ++++++ 2 files changed, 12 insertions(+), 5 deletions(-) --- a/arch/x86/include/asm/fpu/xstate.h +++ b/arch/x86/include/asm/fpu/xstate.h 
@@ -20,15 +20,16 @@ /* Supported features which support lazy state saving */ #define XFEATURE_MASK_LAZY (XFEATURE_MASK_FP | \ - XFEATURE_MASK_SSE | \ + XFEATURE_MASK_SSE) + +/* Supported features which require eager state saving */ +#define XFEATURE_MASK_EAGER (XFEATURE_MASK_BNDREGS | \ + XFEATURE_MASK_BNDCSR | \ XFEATURE_MASK_YMM | \ - XFEATURE_MASK_OPMASK | \ + XFEATURE_MASK_OPMASK | \ XFEATURE_MASK_ZMM_Hi256 | \ XFEATURE_MASK_Hi16_ZMM) -/* Supported features which require eager state saving */ -#define XFEATURE_MASK_EAGER (XFEATURE_MASK_BNDREGS | XFEATURE_MASK_BNDCSR) - /* All currently supported features */ #define XCNTXT_MASK (XFEATURE_MASK_LAZY | XFEATURE_MASK_EAGER) --- a/arch/x86/kernel/fpu/init.c +++ b/arch/x86/kernel/fpu/init.c @@ -292,6 +292,12 @@ u64 __init fpu__get_supported_xfeatures_ static void __init fpu__clear_eager_fpu_features(void) { setup_clear_cpu_cap(X86_FEATURE_MPX); + setup_clear_cpu_cap(X86_FEATURE_AVX); + setup_clear_cpu_cap(X86_FEATURE_AVX2); + setup_clear_cpu_cap(X86_FEATURE_AVX512F); + setup_clear_cpu_cap(X86_FEATURE_AVX512PF); + setup_clear_cpu_cap(X86_FEATURE_AVX512ER); + setup_clear_cpu_cap(X86_FEATURE_AVX512CD); } /*
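
Review bot: In arch/x86/include/asm/fpu/xstate.h, the comment above XFEATURE_MASK_EAGER ("Supported features which require eager state saving") does not say why YMM, OPMASK, ZMM_Hi256 and Hi16_ZMM now belong there. The commit message has the reason (the CR0.TS / #NM mechanism used for lazy switching does not cover AVX), and a one-line version of it in the comment would keep these bits from drifting back into XFEATURE_MASK_LAZY later. The XFEATURE_MASK_OPMASK line is also removed and re-added with what looks like the same text, so if that is a whitespace-only change it is worth saying so in the changelog or dropping it from the hunk.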
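
Review bot: In fpu__clear_eager_fpu_features() (arch/x86/kernel/fpu/init.c), the six added setup_clear_cpu_cap() calls are a hand-maintained mirror of the feature bits that the xstate.h hunk moves into XFEATURE_MASK_EAGER, and nothing in the code ties the two together. A comment in this function pointing at XFEATURE_MASK_EAGER would help, so that anyone adding a feature bit to the mask knows to add the matching capability flag here. It is also worth confirming that AVX, AVX2 and the four AVX512 flags listed are the complete set of capability bits whose instructions use YMM, ZMM or opmask state, since any flag missing from this list would stay advertised with eagerfpu=off.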