Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp580062ybt; Wed, 17 Jun 2020 08:35:06 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxKCf0c1Hb/1dBT8iOQWN6EWVM8Iukj9kROqcghQscl8atst8uZRUNSZsj1DNgMOsDArkac X-Received: by 2002:aa7:c148:: with SMTP id r8mr7996090edp.108.1592408106332; Wed, 17 Jun 2020 08:35:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592408106; cv=none; d=google.com; s=arc-20160816; b=GkZ7xzPV0APdgQJo8mEHy+oTfPAo1FF8fa3kzl+UF5tNUHN7xDgk/ZZAy28l2yXMJp p9fHuaBAes47vf/c5vtXRh3HXg6NkHQ61qxn5kUqLse4MpGEAEAeOklfj5kOCfLTRyOj SxGQQLO8dpT4F7NkNprygZoXICkRurArwkDU5853Xhi3cxmZ3tzjYyysCuxUBFJMQakT UjVi8NK+I3MM4+OVbeFyz887lxNn9MQTDc11iRnvyM/1gvxAe8jsb2sNJooFthVdb/6Q JQUHKGY9cTrTeHXgfvwTwK6CsWAKVvLGATs+AJ959hYy9LFvKRKKmZknIS7s9MrodeRh 5zIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=T1golDGZEJrES9AECIsgNd7Q6JCPqXWMnBLVGHcf590=; b=B08woNO9RjTX/QrGD0FGib3C6vOWUaLds28MNYX+tfUSOH9UxBG/xzap5bAlTys3fk l8Rdmk45yky9uu8IPrbk/mcDc5YJD7o5B/ELwdLdJ9Hcj8BhJJ89sIjom+tuHnfzrPTx nIUzG4fa85o237Wuxpj5L0yNr+0QltK470l7BGFJu329kR/bMZ95oQpupumOnLRXOnSm KfvWu6bWxbe9WoMih7KrP1bWo4rWLKTwPYxyBwR8scaX0zD4YHNlcAJXr8HmUfBxyVy5 NVtSFhpqp3/KXInjcCTiJEshg5sAtyC4aA9miGzy4WoQ55QkfWghU/ThlQcR0AMNj3wP rVrA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=Cy9AQ+Vy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a6si108110ejs.628.2020.06.17.08.34.43; Wed, 17 Jun 2020 08:35:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=Cy9AQ+Vy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726896AbgFQPa4 (ORCPT + 99 others); Wed, 17 Jun 2020 11:30:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40492 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726836AbgFQPa4 (ORCPT ); Wed, 17 Jun 2020 11:30:56 -0400 Received: from mail-wr1-x441.google.com (mail-wr1-x441.google.com [IPv6:2a00:1450:4864:20::441]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D3342C06174E for ; Wed, 17 Jun 2020 08:30:54 -0700 (PDT) Received: by mail-wr1-x441.google.com with SMTP id t18so2799684wru.6 for ; Wed, 17 Jun 2020 08:30:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=T1golDGZEJrES9AECIsgNd7Q6JCPqXWMnBLVGHcf590=; b=Cy9AQ+VyuP+0qd3hAJXxGuFHnwH6wTe6yGx3stzIDULpYoHeETmSe6ztIZ0QFNuhzh YP0Y5w4Nr7NQWaYetHLA3x5TpRKrZUOPHhXDrr4Ml9Hk79RfDHNTQmReKnoJwvLCNlbH aE7uJEsPUCN7xeKaG3NwZhQnLisqpQkJPTjeC5lYiW6C/3QDt5WERlGD+L86OyJh81w3 VmQIJAx6UCxqkPOGnUAVo3CLCCzporsc+x7XqpMHVLxuo3pfgRAKK1P9FmtkIhrulvbK n77VSZKxF82bf4d8wwvkbMAmzSqd55/XaMVBtqcXtq/EWwc1FPIIPLmQMYFsmqtZMU/+ kQ8g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=T1golDGZEJrES9AECIsgNd7Q6JCPqXWMnBLVGHcf590=; b=TDvBambQJcat6OT3ptK0y6USjPqe7zgmxJtMWv/pKVsUf2grkRgO4kqrKtbjoEOui9 vn348DOFuQdc0rVE7QBti9TbGyW8IUxGCPjjUb8y2uOoPcwK81iI1KbLzfXzW2s0b6fR b/ig/asrV+FPNdbxuolCOsSXQmzYEhzHcQzT9PXG+ArKU12dC000yMMY4vXkx9z4TBZb iEBaiZ0YqpAfmckNtXB4Z+iKtQGC14Sj0nM6oaW3UvjFKLpOsZI8RF715ooFNTFqavbF HZ2Del7LC1JwBVn9aVe4d3Y7kkHLQYtvLQDs3Gh+Yt+pEnGgedDpRNZO9CZuZsXENRtj uLew== X-Gm-Message-State: AOAM531GHDnfNF/bng5ON9qFgqZnb4UzPNV3nv8dRLVpLC1HOg3Dro71 roYTEYqfT8gD848gasUY0ijqJBvMIbSpEj8qEwnUh5P5 X-Received: by 2002:adf:e908:: with SMTP id f8mr8987215wrm.184.1592407853534; Wed, 17 Jun 2020 08:30:53 -0700 (PDT) MIME-Version: 1.0 References: <20200616180123.GL13515@zn.tnic> <1D569B6B-B8C3-497E-8A74-2E1A3D46299E@amacapital.net> <20200617083314.GC10118@zn.tnic> In-Reply-To: <20200617083314.GC10118@zn.tnic> From: Andy Lutomirski Date: Wed, 17 Jun 2020 08:30:42 -0700 Message-ID: Subject: Re: [PATCH] x86/fpu: Reset MXCSR to default in kernel_fpu_begin() To: Borislav Petkov Cc: x86-ml , jpa@kernelbug.mail.kapsi.fi, Dave Hansen , "H. Peter Anvin" , Sebastian Andrzej Siewior , lkml Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jun 17, 2020 at 1:33 AM Borislav Petkov wrote: > > On Tue, Jun 16, 2020 at 02:17:16PM -0700, Andy Lutomirski wrote: > > We definitely need to sanitize MXCSR for kernel fpu if kernel fpu > > means SSE2. If kernel fpu means x87, we need to fix the fpu control > > word. > > Bah, there's no need to beat around the bush - let's just do: > > if (boot_cpu_has(X86_FEATURE_XMM)) > ldmxcsr(MXCSR_DEFAULT); > > if (boot_cpu_has(X86_FEATURE_FPU)) > asm volatile ("fninit"); > > and be sure that kernel users get a squeaky-clean FPU. > > > On x86_64, I suspect the UEFI ABI technically requires a clean x87 > > control word too. If we=E2=80=99re willing to declare that the kernel p= roper > > won=E2=80=99t use x87, then we could shove that into the UEFI code. > > Nah, we don't trust the firmware. What I mean is: if we trust ourselves to have no x87 instructions in the kernel, we could put the FNINIT in the UEFI stubs to save some cycles. I don't know how slow FNINIT is. > > -- > Regards/Gruss, > Boris. > > https://people.kernel.org/tglx/notes-about-netiquette --=20 Andy Lutomirski AMA Capital Management, LLC