Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp2343960rwd; Fri, 19 May 2023 04:38:51 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6DIz3SyRQ/4ZaHieWivSqglwyk8H2h5KfYV4SAzUXNGCn0FlwMByi0OWxhaMtMOErDcjpr X-Received: by 2002:a05:6a21:33a0:b0:105:888d:d593 with SMTP id yy32-20020a056a2133a000b00105888dd593mr3344280pzb.18.1684496330708; Fri, 19 May 2023 04:38:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1684496330; cv=none; d=google.com; s=arc-20160816; b=CgA3U/rDz29q/gFQQAlZe+RwPASE9lwOvOM1q2zFKuLaFeurTbo4Ivvsxq3P81PAFP 4e3JbVb0szXoKnqUd4RaGBJ0JE9kbi3r1ZjQjCTBs3tK3RQieIfpJMIwsk1+CcrL+w8w l5T8yjfvA0VHPlNtsIi6Kqff6C6f200uwxNHc7fKGwrPcj7XevSja5bNksyaYXZHKg7h qOYMBzolBmjojXoZEhJcQ0IPyavVf0Byi/uCyJNduf8RJmi2yRy04PjIqB3saHiPuc5Z EOHM4ArbSHGF5ToiclFqJ7KTRtbudJKWzrKjDxMprxTzQpgMU8RaJ58/Qd5sMMCe9gHc wD3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=DJEkgdbDwAplEONKdRUjU0FV8ZN9Nm0azo2uUq8WYdE=; b=0Hml1oCWVEuwD23dbzgwOKanZlrFdPzFHwXsvTazsbhKtiC0DnOypeDIZLJZcz9dFX 5JoLrGs1P1WpkG/q9wOKJ2lIqtIFv34rZSTPO8YoA675gtmpvzVz5+ctcM04SigXknQg ukLLDS5IZn8wMj03qmXc3Jw9tyFwlgXessgofQmI1V4Cm9VL37ZHl2LYpKsm8BXPApIe oddR/bokCXt33ujuzHr5Kd9q61GNhlajbqZYBchpoMHq+ynCK29okqDoCGRHVVavIRVP 0R/tGSsoeh2wAv1k3FmMOWzl6tiNieQQrOMEI0YG9LW1We4rr7pXc5Ht1L7loXNNj7D2 M9aw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=PD4e5jaY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z14-20020a63b04e000000b0052cb36e0bfcsi3424216pgo.197.2023.05.19.04.38.37; Fri, 19 May 2023 04:38:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=PD4e5jaY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231226AbjESLZK (ORCPT + 99 others); Fri, 19 May 2023 07:25:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58664 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231440AbjESLYt (ORCPT ); Fri, 19 May 2023 07:24:49 -0400 Received: from smtp-fw-6001.amazon.com (smtp-fw-6001.amazon.com [52.95.48.154]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 25FBE10DC for ; Fri, 19 May 2023 04:24:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1684495485; x=1716031485; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=DJEkgdbDwAplEONKdRUjU0FV8ZN9Nm0azo2uUq8WYdE=; b=PD4e5jaYzygGbs4zCEkFLCb0Kcm4fRit4RhC26E9QmFovM2FvJjzSpoN 8Jheg0b/ohnqpDtWeivWUukT30+tME03W+usN3WhZcghtvyPqZcKxPoiL K8YKhosBUYffxzwWfKnKEOYqRwaFdZG6Jh3xiI3zcZWdv23koOh3IWgQJ E=; X-IronPort-AV: E=Sophos;i="6.00,176,1681171200"; d="scan'208";a="333499146" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-pdx-2c-m6i4x-e7094f15.us-west-2.amazon.com) ([10.43.8.2]) by smtp-border-fw-6001.iad6.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 May 2023 11:24:40 +0000 Received: from EX19D002EUA002.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2c-m6i4x-e7094f15.us-west-2.amazon.com (Postfix) with ESMTPS id 8480B40D3C; Fri, 19 May 2023 11:24:38 +0000 (UTC) Received: from EX19D048EUC002.ant.amazon.com (10.252.61.160) by EX19D002EUA002.ant.amazon.com (10.252.50.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Fri, 19 May 2023 11:24:37 +0000 Received: from EX19MTAUWC001.ant.amazon.com (10.250.64.145) by EX19D048EUC002.ant.amazon.com (10.252.61.160) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Fri, 19 May 2023 11:24:36 +0000 Received: from dev-dsk-attofari-1c-9e00ebdc.eu-west-1.amazon.com (10.13.242.123) by mail-relay.amazon.com (10.250.64.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26 via Frontend Transport; Fri, 19 May 2023 11:24:34 +0000 From: Adamos Ttofari To: , CC: , , Ingo Molnar , Borislav Petkov , Dave Hansen , , "H. Peter Anvin" , Kyle Huey , Andrew Cooper , Subject: [PATCH v3] x86: fpu: Keep xfd_state always in sync with MSR_IA32_XFD Date: Fri, 19 May 2023 11:23:12 +0000 Message-ID: <20230519112315.30616-1-attofari@amazon.de> X-Mailer: git-send-email 2.39.2 In-Reply-To: <87y1ltbtkh.ffs@tglx> References: <87y1ltbtkh.ffs@tglx> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE,T_SPF_PERMERROR autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Commit 672365477ae8 ("x86/fpu: Update XFD state where required") and commit 8bf26758ca96 ("x86/fpu: Add XFD state to fpstate") introduced a per CPU variable xfd_state to keep the MSR_IA32_XFD value cached. In order to avoid unnecessary writes to the MSR. On CPU hotplug MSR_IA32_XFD is reset to the init_fpstate.xfd, which wipes out any stale state. But the per CPU cached xfd value is not reset, which brings them out of sync. As a consequence a subsequent xfd_update_state() might fail to update the MSR which in turn can result in XRSTOR raising a #NM in kernel space, which crashes the kernel. To address the issue mentioned, initialize xfd_state together with MSR_IA32_XFD. Fixes: 672365477ae8 ("x86/fpu: Update XFD state where required") Signed-off-by: Adamos Ttofari --- arch/x86/kernel/fpu/xstate.c | 5 +++-- arch/x86/kernel/fpu/xstate.h | 14 ++++++++++---- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c index 0bab497c9436..9bff4f07358d 100644 --- a/arch/x86/kernel/fpu/xstate.c +++ b/arch/x86/kernel/fpu/xstate.c @@ -177,10 +177,11 @@ void fpu__init_cpu_xstate(void) * Must happen after CR4 setup and before xsetbv() to allow KVM * lazy passthrough. Write independent of the dynamic state static * key as that does not work on the boot CPU. This also ensures - * that any stale state is wiped out from XFD. + * that any stale state is wiped out from XFD. Reset the per CPU + * xfd cache too. */ if (cpu_feature_enabled(X86_FEATURE_XFD)) - wrmsrl(MSR_IA32_XFD, init_fpstate.xfd); + xfd_set_state(init_fpstate.xfd); /* * XCR_XFEATURE_ENABLED_MASK (aka. XCR0) sets user features diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h index a4ecb04d8d64..d272fc214113 100644 --- a/arch/x86/kernel/fpu/xstate.h +++ b/arch/x86/kernel/fpu/xstate.h @@ -147,20 +147,26 @@ static inline void xfd_validate_state(struct fpstate *fpstate, u64 mask, bool rs #endif #ifdef CONFIG_X86_64 +static inline void xfd_set_state(u64 xfd) +{ + wrmsrl(MSR_IA32_XFD, xfd); + __this_cpu_write(xfd_state, xfd); +} + static inline void xfd_update_state(struct fpstate *fpstate) { if (fpu_state_size_dynamic()) { u64 xfd = fpstate->xfd; - if (__this_cpu_read(xfd_state) != xfd) { - wrmsrl(MSR_IA32_XFD, xfd); - __this_cpu_write(xfd_state, xfd); - } + if (__this_cpu_read(xfd_state) != xfd) + xfd_set_state(xfd); } } extern int __xfd_enable_feature(u64 which, struct fpu_guest *guest_fpu); #else +static inline void xfd_set_state(u64 xfd) { } + static inline void xfd_update_state(struct fpstate *fpstate) { } static inline int __xfd_enable_feature(u64 which, struct fpu_guest *guest_fpu) { -- 2.39.2 Amazon Development Center Germany GmbH Krausenstr. 38 10117 Berlin Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B Sitz: Berlin Ust-ID: DE 289 237 879