Date: Mon, 26 Nov 2018 18:49:45 +0100
From: Sebastian Andrzej Siewior
To: Jann Horn
Cc: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Andy Lutomirski, kernel-hardening@lists.openwall.com, "Naveen N. Rao", linux-kernel@vger.kernel.org, "H. Peter Anvin", x86@kernel.org
Subject: Re: [PATCH] x86/fpu: XRSTOR is expected to raise #GP
Message-ID: <20181126174945.r2ubrlg2gzwog2ez@linutronix.de>
In-Reply-To: <20181126172706.184008-1-jannh@google.com>

On 2018-11-26 18:27:06 [+0100], Jann Horn wrote:
> commit 75045f77f7a7 ("x86/extable: Introduce _ASM_EXTABLE_UA for uaccess
> fixups") incorrectly replaced the fixup entry for XSTATE_OP with a
> user-#PF-only fixup. However, XRSTOR can also raise #GP when the supplied
> address points to userspace memory. Change it back.

The #GP is raised if the xstate content is invalid. But I guess the
details don't matter.

> Reported-by: Sebastian Andrzej Siewior
> Fixes: 75045f77f7a7 ("x86/extable: Introduce _ASM_EXTABLE_UA for uaccess fixups")
> Signed-off-by: Jann Horn

Acked-by: Sebastian Andrzej Siewior

> --- > arch/x86/include/asm/fpu/internal.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/x86/include/asm/fpu/internal.h b/arch/x86/include/asm/fpu/internal.h > index 5f7290e6e954..69dcdf195b61 100644 > --- a/arch/x86/include/asm/fpu/internal.h > +++ b/arch/x86/include/asm/fpu/internal.h 
> @@ -226,7 +226,7 @@ static inline void copy_fxregs_to_kernel(struct fpu *fpu) > "3: movl $-2,%[err]\n\t" \ > "jmp 2b\n\t" \ > ".popsection\n\t" \ > - _ASM_EXTABLE_UA(1b, 3b) \ > + _ASM_EXTABLE(1b, 3b) \ So you revert to what we had before. That works, tested. > : [err] "=r" (err) \ > : "D" (st), "m" (*st), "a" (lmask), "d" (hmask) \ > : "memory") > -- > 2.20.0.rc0.387.gc7a69e6b6c-goog Sebastian
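
Review bot: The restored _ASM_EXTABLE(1b, 3b) entry carries no comment saying why this site needs the generic fixup rather than _ASM_EXTABLE_UA, so a later uaccess cleanup could convert it again the way commit 75045f77f7a7 did. A short comment next to the macro, noting that XRSTOR on a user-supplied buffer can raise #GP as well as #PF and that both must reach the fixup at label 3 (movl $-2,%[err]), would record the intent. The commit message could also take the correction from the reply, that the #GP is raised when the xstate content is invalid, so the changelog and the comment agree on the cause.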