Date: Sun, 10 May 2020 10:49:17 +0200
From: Borislav Petkov
To: Yu-cheng Yu
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, "H. Peter Anvin", Thomas Gleixner, Ingo Molnar, Dave Hansen, Tony Luck, Andy Lutomirski, Rik van Riel, "Ravi V. Shankar", Sebastian Andrzej Siewior, Fenghua Yu, Peter Zijlstra
Subject: Re: [PATCH v3 10/10] x86/fpu/xstate: Restore supervisor states for signal return
Message-ID: <20200510084917.GB19352@zn.tnic>
References: <20200328164307.17497-1-yu-cheng.yu@intel.com> <20200328164307.17497-11-yu-cheng.yu@intel.com>
In-Reply-To: <20200328164307.17497-11-yu-cheng.yu@intel.com>

On Sat, Mar 28, 2020 at 09:43:07AM -0700, Yu-cheng Yu wrote:
> v3:
> - Change copy_xregs_to_kernel() to copy_supervisor_to_kernel(), which is
>   introduced in a previous patch.
> - Update commit log.
>
> Signed-off-by: Yu-cheng Yu
> Reviewed-by: Dave Hansen
> ---
>  arch/x86/kernel/fpu/signal.c | 27 ++++++++++++++++++++++-----
>  1 file changed, 22 insertions(+), 5 deletions(-)

Took Sebastian and me a while to grok the whole situation so pls add the
comments below to that patch when sending it in your next revision.

Thx.

---
diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c
index 4dad5afc938d..06e88d6ebb07 100644
--- a/arch/x86/kernel/fpu/signal.c
+++ b/arch/x86/kernel/fpu/signal.c
@@ -347,7 +347,19 @@ static int __fpu__restore_sig(void __user *buf, void __user *buf_fx, int size) ret = copy_user_to_fpregs_zeroing(buf_fx, user_xfeatures, fx_only); pagefault_enable(); if (!ret) { - /* Restore supervisor states */ + + /* + * Restore supervisor states: previous context switch + * etc has done XSAVES and saved the supervisor states + * in the kernel buffer from which they can be restored + * now. + * + * We cannot do a single XRSTORS here - which would + * be nice - because the rest of the FPU registers are + * being restored from a user buffer directly. The + * single XRSTORS happens below, when the user buffer + * has been copied to the kernel one. + */ if (test_thread_flag(TIF_NEED_FPU_LOAD) && xfeatures_mask_supervisor()) copy_kernel_to_xregs(&fpu->state.xsave, @@ -369,15 +381,19 @@ static int __fpu__restore_sig(void __user *buf, void __user *buf_fx, int size) } /* - * Supervisor states are not modified by user space input. Save - * current supervisor states first. * By setting TIF_NEED_FPU_LOAD it is ensured that our xstate is * not modified on context switch and that the xstate is considered * to be loaded again on return to userland (overriding last_cpu avoids * the optimisation). */ fpregs_lock(); + if (!test_thread_flag(TIF_NEED_FPU_LOAD)) { + + /* + * Supervisor states are not modified by user space input. Save + * current supervisor states first and invalidate the FPU regs. + */ if (xfeatures_mask_supervisor()) copy_supervisor_to_kernel(&fpu->state.xsave); set_thread_flag(TIF_NEED_FPU_LOAD); @@ -405,6 +421,7 @@ static int __fpu__restore_sig(void __user *buf, void __user *buf_fx, int size) fpregs_lock(); if (unlikely(init_bv)) copy_kernel_to_xregs(&init_fpstate.xsave, init_bv); + /* * Restore previously saved supervisor xstates along with * copied-in user xstates. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette
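Review bot: the new comment in the first hunk (@@ -347) says where the supervisor states come from but not why the restore is conditional, and the condition is the subtle part: copy_kernel_to_xregs(&fpu->state.xsave, ...) only runs when TIF_NEED_FPU_LOAD is set, i.e. when the registers are not current and the kernel buffer holds the latest supervisor states; when the flag is clear the registers themselves are current and must not be overwritten from the buffer. Suggest adding one sentence to that effect. The phrase "The single XRSTORS happens below" would also read better as "in the slow path below", since the path in this hunk has just restored the user registers straight from the user buffer via copy_user_to_fpregs_zeroing(), as the comment itself notes. Minor style point: the blank line inserted directly after "if (!ret) {" before the comment block is not usual kernel style.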
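Review bot: in the second hunk (@@ -369) the relocated comment promises "Save current supervisor states first and invalidate the FPU regs", but the visible lines only show copy_supervisor_to_kernel() followed by set_thread_flag(TIF_NEED_FPU_LOAD); the invalidation happens outside the hunk, so either name where it happens or drop that clause. More importantly, the new "if (!test_thread_flag(TIF_NEED_FPU_LOAD))" guard is the actual behavioural change and deserves a sentence of its own: when the flag is already set the registers are not current and fpu->state.xsave already holds the supervisor states (as the first hunk's comment explains), so there is nothing to save and an XSAVES of the non-current registers would clobber the good copy. Same style nit as above about the blank line right after the opening brace.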
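Review bot: the third hunk (@@ -405) is whitespace only; it adds a blank line between copy_kernel_to_xregs(&init_fpstate.xsave, init_bv) and the "Restore previously saved supervisor xstates" comment. Fine as a readability tweak, but it is easy to lose when this is folded into the next revision, and the changelog should not describe it as anything functional.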