Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp187696imu;
        Thu, 8 Nov 2018 06:58:49 -0800 (PST)
X-Google-Smtp-Source: AJdET5clx/4UHFiNCawPyblsT36L2J9ntTbP5NHAHT1zaX9UYbBNUa67pGeTWSTBSqdKhAAOZezi
X-Received: by 2002:a63:f047:: with SMTP id s7mr3980632pgj.441.1541689129621;
        Thu, 08 Nov 2018 06:58:49 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1541689129; cv=none;
        d=google.com; s=arc-20160816;
        b=XUC0+gpEMfOQSTlUyp4AHzuUfU8YidjEzshWYADCVG1gpLR4NNKRXZuwHJ08/A8Whn
         0ptgahaVoI3XAu3vZ0EKHxNCzr62owT7KivQzU+5/owmbHAsewkiRkgdQiOATrVHhM+F
         JWB+zmi87ZQphZHyNh0fUkYZBEiNOzwdYfIMTMk3ytrD4I1Mv+7oxzsUMM2wCW1ZUP3m
         jK6Di2PvaRiBh/npEYHW/8mWmoAFRWQQiCmk2EybDw6Icw0Q44S7aMgk1FiDI3jiaM8y
         qee/ijg/dBwA+YF3zUMd0RIsIC0bn4bjBzYCjt9/jC7LfcpMRAynvCzEvOREcW1U2heL
         GIHg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=+/v8UV7KCI3HeiIUt37fGy6PnuHWD0bAW8GUSIxAHNU=;
        b=zK+bD5Lgqi8DbKojUCeMGcrKuW5H5k4/zCN5cpAJduaQVRbT1QfF9v5OXTIq+qu5Sw
         eOL8VHFCLeLBSGjgAHUFmAN6HmfDwUkJHyRrFcoAeXb4lTxJmHiofxnHujWENXpl4iey
         3sD8hlM/M5pVDcWy8u0UzbRQXSPJBvi3sbef+OrwvTZyvT6Kw3p7NAbcOuhqk+Zx0e8j
         iFwBjm5SXls2X8qe6dXdwrYGNCh+exGxVG1yqI24auCBYwvvSXJHdCKPMbuVT9LZkW0S
         tME/H+s6W/v/R/y8YdtMmK5caNQwgkdIXdbW6PsJURfpm4SQJz/jyBP/TVgJGFe56nMc
         mxuw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id a70si4077749pge.421.2018.11.08.06.58.33;
        Thu, 08 Nov 2018 06:58:49 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726869AbeKIAdZ (ORCPT <rfc822;crosarcplusplustest@gmail.com>
        + 99 others); Thu, 8 Nov 2018 19:33:25 -0500
Received: from mail.skyhub.de ([5.9.137.197]:34926 "EHLO mail.skyhub.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726359AbeKIAdZ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 8 Nov 2018 19:33:25 -0500
X-Virus-Scanned: Nedap ESD1 at mail.skyhub.de
Received: from mail.skyhub.de ([127.0.0.1])
        by localhost (blast.alien8.de [127.0.0.1]) (amavisd-new, port 10026)
        with ESMTP id FCJ-YN9CqQDK; Thu,  8 Nov 2018 15:57:32 +0100 (CET)
Received: from zn.tnic (p200300EC2BD03D00329C23FFFEA6A903.dip0.t-ipconnect.de [IPv6:2003:ec:2bd0:3d00:329c:23ff:fea6:a903])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id C83401EC0779;
        Thu,  8 Nov 2018 15:57:31 +0100 (CET)
Date:   Thu, 8 Nov 2018 15:57:21 +0100
From:   Borislav Petkov <bp@alien8.de>
To:     Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc:     linux-kernel@vger.kernel.org, x86@kernel.org,
        Andy Lutomirski <luto@kernel.org>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        kvm@vger.kernel.org, "Jason A. Donenfeld" <Jason@zx2c4.com>,
        Rik van Riel <riel@surriel.com>,
        Dave Hansen <dave.hansen@linux.intel.com>
Subject: Re: [PATCH 02/23] x86/fpu: Remove fpu->initialized usage in
 __fpu__restore_sig()
Message-ID: <20181108145721.GC7543@zn.tnic>
References: <20181107194858.9380-1-bigeasy@linutronix.de>
 <20181107194858.9380-3-bigeasy@linutronix.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20181107194858.9380-3-bigeasy@linutronix.de>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Nov 07, 2018 at 08:48:37PM +0100, Sebastian Andrzej Siewior wrote:
> This is a preparation for the removal of the ->initialized member in the
> fpu struct.
> __fpu__restore_sig() is deactivating the FPU via fpu__drop() and then
> setting manually ->initialized followed by fpu__restore(). The result is
> that it is possible to manipulate fpu->state and the state of registers
> won't be saved/restore on a context switch which would overwrite state.

		restored

> 
> Don't access the fpu->state while the content is read from user space
> and examined / sanitized. Use a temporary buffer kmalloc() buffer for

one "buffer" too many.

More importantly, what I'm missing here is more detailed explanation
about how that manipulation can happen. Especially since the comment
over fpu__drop() you're removing below is claiming the exact opposite.
AFAICT.

Yeah, FPU code has always been nasty and tricky to follow so I think
we'd need to have this stuff explained in much more detail.

Thx.

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.