From: Eric Biggers <ebiggers@kernel.org>
To: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: x86-ml <x86@kernel.org>, "Borislav Petkov" <bp@suse.de>,
"Dave Hansen" <dave.hansen@intel.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Andy Lutomirski" <luto@kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
"Ingo Molnar" <mingo@redhat.com>, "Jann Horn" <jannh@google.com>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
"kvm ML" <kvm@vger.kernel.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Rik van Riel" <riel@surriel.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] x86/fpu: Update kernel's FPU state before using for the fsave header
Date: Fri, 7 Jun 2019 10:09:49 -0700
Message-ID: <20190607170949.GA648@sol.localdomain>
In-Reply-To: <20190607142915.y52mfmgk5lvhll7n@linutronix.de>
On Fri, Jun 07, 2019 at 04:29:16PM +0200, Sebastian Andrzej Siewior wrote:
> In commit
>
> 39388e80f9b0c ("x86/fpu: Don't save fxregs for ia32 frames in copy_fpstate_to_sigframe()")
>
> I removed the statement
> | if (ia32_fxstate)
> | copy_fxregs_to_kernel(fpu);
>
> and argued that it was wrongly merged because the content was already
> saved in kernel's state and the content.
> This was wrong: It is required to write it back because it is only saved
> on the user-stack and save_fsave_header() reads it from task's
> FPU-state. I missed that part…
>
> Save x87 FPU state unless thread's FPU registers are already up to date.
>
> Fixes: 39388e80f9b0c ("x86/fpu: Don't save fxregs for ia32 frames in copy_fpstate_to_sigframe()")
> Reported-by: Eric Biggers <ebiggers@kernel.org>
> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
> ---
> arch/x86/kernel/fpu/signal.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c
> index 060d6188b4533..0071b794ed193 100644
> --- a/arch/x86/kernel/fpu/signal.c
> +++ b/arch/x86/kernel/fpu/signal.c
> @@ -62,6 +62,11 @@ static inline int save_fsave_header(struct task_struct *tsk, void __user *buf)
> struct user_i387_ia32_struct env;
> struct _fpstate_32 __user *fp = buf;
>
> + fpregs_lock();
> + if (!test_thread_flag(TIF_NEED_FPU_LOAD))
> + copy_fxregs_to_kernel(&tsk->thread.fpu);
> + fpregs_unlock();
> +
> convert_from_fxsr(&env, tsk);
>
> if (__copy_to_user(buf, &env, sizeof(env)) ||
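Review bot: the new block above `convert_from_fxsr(&env, tsk);` carries no comment saying why the register contents have to be written back at this point, and that reason is exactly what the Fixes: commit got wrong: convert_from_fxsr() works from the task's FPU state, which is only current when TIF_NEED_FPU_LOAD is set, while with the flag clear the newest state is in the live registers and must first be copied there. A short comment above `fpregs_lock();` stating this would keep the next cleanup from removing the copy again. Keeping both the flag test and copy_fxregs_to_kernel() inside the fpregs_lock()/fpregs_unlock() pair is correct, since a context switch between the test and the copy could otherwise change the flag's meaning.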
> --
> 2.20.1
>
Tested-by: Eric Biggers <ebiggers@kernel.org>
- Eric
Thread overview: 7+ messages
2019-06-04 18:53 [5.2 regression] copy_fpstate_to_sigframe() change causing crash in 32-bit process Eric Biggers
2019-06-05 14:04 ` Sebastian Andrzej Siewior
2019-06-05 17:32 ` Eric Biggers
2019-06-06 17:30 ` Sebastian Andrzej Siewior
2019-06-07 14:29 ` [PATCH] x86/fpu: Update kernel's FPU state before using for the fsave header Sebastian Andrzej Siewior
2019-06-07 17:09 ` Eric Biggers [this message]
2019-06-08 9:49 ` [tip:x86/urgent] " tip-bot for Sebastian Andrzej Siewior