[PATCH urgent 0/2] x86: vm86 fix and test

[PATCH urgent 0/2] x86: vm86 fix and test

[Andy Lutomirski]

Calling vm86 and then forking will corrupt things.  Fix it.

This is for x86/urgent.  It fixes a 4.3 regression.

Andy Lutomirski (2):
  selftests/x86: Add a fork() to entry_from_vm86 to catch fork bugs
  x86/vm86: Set thread.vm86 to NULL on fork/clone

 arch/x86/kernel/process.c                     | 3 +++
 tools/testing/selftests/x86/entry_from_vm86.c | 4 ++++
 2 files changed, 7 insertions(+)

-- 
2.4.3

[PATCH urgent 1/2] selftests/x86: Add a fork() to entry_from_vm86 to catch fork bugs

[Andy Lutomirski]

Mere possession of vm86 state is strange.  Make sure that nothing
gets corrupted if we fork after calling vm86().

Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
 tools/testing/selftests/x86/entry_from_vm86.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tools/testing/selftests/x86/entry_from_vm86.c b/tools/testing/selftests/x86/entry_from_vm86.c
index 9a43a59a9bb4..13b2965472e3 100644
--- a/tools/testing/selftests/x86/entry_from_vm86.c
+++ b/tools/testing/selftests/x86/entry_from_vm86.c
@@ -229,5 +229,9 @@ int main(void)
 	}
 	clearhandler(SIGSEGV);
 
+	/* Make sure nothing explodes if we fork. */
+	if (fork() > 0)
+		return 0;
+
 	return (nerrs == 0 ? 0 : 1);
 }
-- 
2.4.3

[tip:x86/urgent] selftests/x86: Add a fork() to entry_from_vm86 to catch fork bugs

[tip-bot for Andy Lutomirski]

Commit-ID:  226f1f729ce277720fab60c91dd1b12574cfe66c
Gitweb:     http://git.kernel.org/tip/226f1f729ce277720fab60c91dd1b12574cfe66c
Author:     Andy Lutomirski <luto@kernel.org>
AuthorDate: Fri, 30 Oct 2015 22:42:45 -0700
Committer:  Thomas Gleixner <tglx@linutronix.de>
CommitDate: Sat, 31 Oct 2015 09:50:25 +0100

selftests/x86: Add a fork() to entry_from_vm86 to catch fork bugs

Mere possession of vm86 state is strange.  Make sure that nothing
gets corrupted if we fork after calling vm86().

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Stas Sergeev <stsp@list.ru>
Link: http://lkml.kernel.org/r/08f83295460a80e41dc5e3e81ec40d6844d316f5.1446270067.git.luto@kernel.org
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 tools/testing/selftests/x86/entry_from_vm86.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tools/testing/selftests/x86/entry_from_vm86.c b/tools/testing/selftests/x86/entry_from_vm86.c
index 421c607..d075ea0 100644
--- a/tools/testing/selftests/x86/entry_from_vm86.c
+++ b/tools/testing/selftests/x86/entry_from_vm86.c
@@ -230,5 +230,9 @@ int main(void)
 	}
 	clearhandler(SIGSEGV);
 
+	/* Make sure nothing explodes if we fork. */
+	if (fork() > 0)
+		return 0;
+
 	return (nerrs == 0 ? 0 : 1);
 }

[PATCH urgent 2/2] x86/vm86: Set thread.vm86 to NULL on fork/clone

[Andy Lutomirski]

thread.vm86 points to per-task information -- the pointer should not
be copied on clone.

Fixes: d4ce0f26c790 ("x86/vm86: Move fields from 'struct kernel_vm86_struct' to 'struct vm86'")
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
 arch/x86/kernel/process.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 2199d9b774c8..b9ac5434e176 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -83,6 +83,9 @@ EXPORT_SYMBOL_GPL(idle_notifier_unregister);
 int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src)
 {
 	memcpy(dst, src, arch_task_struct_size);
+#ifdef CONFIG_VM86
+	dst->thread.vm86 = NULL;
+#endif
 
 	return fpu__copy(&dst->thread.fpu, &src->thread.fpu);
 }
-- 
2.4.3

[tip:x86/urgent] x86/vm86: Set thread.vm86 to NULL on fork/clone

[tip-bot for Andy Lutomirski]

Commit-ID:  2459ee8651dc5ab72790c2ffa99af288c7641b64
Gitweb:     http://git.kernel.org/tip/2459ee8651dc5ab72790c2ffa99af288c7641b64
Author:     Andy Lutomirski <luto@kernel.org>
AuthorDate: Fri, 30 Oct 2015 22:42:46 -0700
Committer:  Thomas Gleixner <tglx@linutronix.de>
CommitDate: Sat, 31 Oct 2015 09:50:25 +0100

x86/vm86: Set thread.vm86 to NULL on fork/clone

thread.vm86 points to per-task information -- the pointer should not
be copied on clone.

Fixes: d4ce0f26c790 ("x86/vm86: Move fields from 'struct kernel_vm86_struct' to 'struct vm86'")
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Stas Sergeev <stsp@list.ru>
Link: http://lkml.kernel.org/r/71c5d6985d70ec8197c8d72f003823c81b7dcf99.1446270067.git.luto@kernel.org
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 arch/x86/kernel/process.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index e28db18..9f7c21c 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -84,6 +84,9 @@ EXPORT_SYMBOL_GPL(idle_notifier_unregister);
 int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src)
 {
 	memcpy(dst, src, arch_task_struct_size);
+#ifdef CONFIG_VM86
+	dst->thread.vm86 = NULL;
+#endif
 
 	return fpu__copy(&dst->thread.fpu, &src->thread.fpu);
 }