From: Thomas Gleixner
To: Linus Torvalds
Cc: linux-kernel@vger.kernel.org, x86@kernel.org
Subject: [GIT pull] x86/urgent for v5.18-rc6
References: <165201148069.536527.1960632033331546251.tglx@xen13>
Message-ID: <165201159583.536601.1349852832993944140.tglx@xen13>
Date: Sun, 8 May 2022 14:07:12 +0200 (CEST)

Linus,

please pull the latest
x86/urgent branch from:

   git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86-urgent-2022-05-08

up to:  59f5ede3bc0f: x86/fpu: Prevent FPU state corruption

A fix and an email address update:

  - Prevent FPU state corruption. The condition in irq_fpu_usable() grants
    FPU usage when the FPU is not used in the kernel. That's just wrong as
    it does not take the fpregs_lock()'ed regions into account. If FPU usage
    happens within such a region from interrupt context, then the FPU state
    gets corrupted.

    That's a long standing bug, which got unearthed by the recent changes
    to the random code.

  - Josh wants to use his kernel.org email address

Thanks,

	tglx

------------------>
Josh Poimboeuf (1):
      MAINTAINERS: Update Josh Poimboeuf's email address

Thomas Gleixner (1):
      x86/fpu: Prevent FPU state corruption

 MAINTAINERS | 10 +++---- arch/x86/kernel/fpu/core.c | 67 ++++++++++++++++++--------------------------= -- 2 files changed, 31 insertions(+), 46 deletions(-) diff --git a/MAINTAINERS b/MAINTAINERS index edc96cdb85e8..1e1a2264792d 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -7499,7 +7499,7 @@ F: Documentation/hwmon/f71805f.rst F: drivers/hwmon/f71805f.c =20 FADDR2LINE -M: Josh Poimboeuf +M: Josh Poimboeuf S: Maintained F: scripts/faddr2line =20 @@ -11348,7 +11348,7 @@ F: drivers/mmc/host/litex_mmc.c N: litex =20 LIVE PATCHING -M: Josh Poimboeuf +M: Josh Poimboeuf M: Jiri Kosina M: Miroslav Benes M: Petr Mladek @@ -14224,7 +14224,7 @@ F: lib/objagg.c F: lib/test_objagg.c =20 OBJTOOL -M: Josh Poimboeuf +M: Josh Poimboeuf M: Peter Zijlstra S: Supported F: tools/objtool/ @@ -18792,7 +18792,7 @@ F: include/dt-bindings/reset/starfive-jh7100.h =20 STATIC BRANCH/CALL M: Peter Zijlstra -M: Josh Poimboeuf +M: Josh Poimboeuf M: Jason Baron R: Steven Rostedt R: Ard Biesheuvel @@ -21444,7 +21444,7 @@ F: arch/x86/kernel/apic/x2apic_uv_x.c F: arch/x86/platform/uv/ =20 X86 STACK UNWINDING -M: Josh Poimboeuf +M: Josh Poimboeuf M: Peter Zijlstra S: Supported F: arch/x86/include/asm/unwind*.h 
diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c index c049561f373a..e28ab0ecc537 100644 --- a/arch/x86/kernel/fpu/core.c +++ b/arch/x86/kernel/fpu/core.c @@ -41,17 +41,7 @@ struct fpu_state_config fpu_user_cfg __ro_after_init; */ struct fpstate init_fpstate __ro_after_init; =20 -/* - * Track whether the kernel is using the FPU state - * currently. - * - * This flag is used: - * - * - by IRQ context code to potentially use the FPU - * if it's unused. - * - * - to debug kernel_fpu_begin()/end() correctness - */ +/* Track in-kernel FPU usage */ static DEFINE_PER_CPU(bool, in_kernel_fpu); =20 /* 
@@ -59,42 +49,37 @@ static DEFINE_PER_CPU(bool, in_kernel_fpu); */ DEFINE_PER_CPU(struct fpu *, fpu_fpregs_owner_ctx); =20 -static bool kernel_fpu_disabled(void) -{ - return this_cpu_read(in_kernel_fpu); -} - -static bool interrupted_kernel_fpu_idle(void) -{ - return !kernel_fpu_disabled(); -} - -/* - * Were we in user mode (or vm86 mode) when we were - * interrupted? - * - * Doing kernel_fpu_begin/end() is ok if we are running - * in an interrupt context from user mode - we'll just - * save the FPU state as required. - */ -static bool interrupted_user_mode(void) -{ - struct pt_regs *regs =3D get_irq_regs(); - return regs && user_mode(regs); -} - /* * Can we use the FPU in kernel mode with the * whole "kernel_fpu_begin/end()" sequence? - * - * It's always ok in process context (ie "not interrupt") - * but it is sometimes ok even from an irq. */ bool irq_fpu_usable(void) { - return !in_interrupt() || - interrupted_user_mode() || - interrupted_kernel_fpu_idle(); + if (WARN_ON_ONCE(in_nmi())) + return false; + + /* In kernel FPU usage already active? */ + if (this_cpu_read(in_kernel_fpu)) + return false; + + /* + * When not in NMI or hard interrupt context, FPU can be used in: + * + * - Task context except from within fpregs_lock()'ed critical + * regions. + * + * - Soft interrupt processing context which cannot happen + * while in a fpregs_lock()'ed critical region. + */ + if (!in_hardirq()) + return true; + + /* + * In hard interrupt context it's safe when soft interrupts + * are enabled, which means the interrupt did not hit in + * a fpregs_lock()'ed critical region. + */ + return !softirq_count(); } EXPORT_SYMBOL(irq_fpu_usable); =20
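
Review bot: in the @@ -41,17 +41,7 hunk of arch/x86/kernel/fpu/core.c, the replacement comment `/* Track in-kernel FPU usage */` drops the second use the removed comment listed for in_kernel_fpu, "to debug kernel_fpu_begin()/end() correctness". Dropping the IRQ-context wording fits the rewritten irq_fpu_usable(), but nothing in this patch changes the debug use, so the shorter comment could keep that half.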
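
Review bot: in the irq_fpu_usable() hunk (@@ -59,42 +49,37), the final `return !softirq_count();` is documented only as detecting a fpregs_lock()'ed critical region, but softirq_count() is also non-zero while a soft interrupt is being processed, so a hard interrupt that lands during softirq handling is now refused FPU use as well. The removed expression allowed that case whenever in_kernel_fpu was clear. If the stricter result is intended, the comment above the return should say so, for example by adding "or while a soft interrupt is being processed". The new `WARN_ON_ONCE(in_nmi())` would also benefit from a one-line comment on why NMI context is refused outright, since the pull message only mentions fpregs_lock()'ed regions.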