Re: [tip:x86/efi] x86/efi: Check for unsafe dealing with FPU state in irq ctxt

["H. Peter Anvin" <hpa@zytor.com>]

On 06/05/2014 09:18 AM, Borislav Petkov wrote:
> On Thu, Jun 05, 2014 at 09:14:51AM -0700, Andy Lutomirski wrote:
>> Is this NMI pstore thing done from any context that's supposed to be
>> recoverable? It's always safe to use the FPU and then panic :)
> 
> Right :)
> 
>> Anyway, if we're just talking about EFI, there's an easier solution:
>> just preallocate a per-cpu FPU context for EFI and make the whole mess
>> be local to the EFI code.  For crypto, that's not so good.
> 
> This is probably something for Matt to decide but it sounds doable. If
> I'd have to guess, sooner or later we will need to do proper FPU context
> handling for EFI as I don't see anything stopping it from using FPU
> insns. At least we won't. :-)
> 

The bottom line is that we can't call EFI from a context where we can't
use the FPU.  Or specifically, we can't then resume execution.  If all
we're doing is stashing away some data before dying, well, then, by all
means - but we need to make sure that is what actually happens.

As far adding additional xstate save areas, the current size of the
xstate is about ~2.5K for AVX-512 enabled processors, and we need one
per thread.  If we make that two copies, then
kernel_fpu_begin()..._end() would no longer have to disable preemption,
but it wouldn't resolve the conflict about using the FPU from IRQ
context when inside kernel_fpu_begin().._end().

To support the FPU in IRQ context we end up having to create a percpu
FPU state stack, and it becomes then a matter of how deep that stack
would have to be.

	-hpa