From: tip-bot for Eric Biggers <tipbot@zytor.com>
To: linux-tip-commits@vger.kernel.org
Cc: bp@alien8.de, ebiggers3@gmail.com, akpm@linux-foundation.org,
dave.hansen@linux.intel.com, dvyukov@google.com,
tglx@linutronix.de, ebiggers@google.com, fenghua.yu@intel.com,
mhalcrow@google.com, haokexin@gmail.com, wanpeng.li@hotmail.com,
linux-kernel@vger.kernel.org, torvalds@linux-foundation.org,
luto@kernel.org, oleg@redhat.com, hpa@zytor.com,
keescook@chromium.org, mingo@kernel.org, yu-cheng.yu@intel.com,
riel@redhat.com, peterz@infradead.org, luto@amacapital.net
Subject: [tip:x86/fpu] x86/fpu: Use validate_xstate_header() to validate the xstate_header in xstateregs_set()
Date: Tue, 26 Sep 2017 01:34:46 -0700 [thread overview]
Message-ID: <tip-cf9df81b139b6ebaec188d73758f02ca3b2110e4@git.kernel.org> (raw)
In-Reply-To: <20170924105913.9157-3-mingo@kernel.org>
Commit-ID: cf9df81b139b6ebaec188d73758f02ca3b2110e4
Gitweb: http://git.kernel.org/tip/cf9df81b139b6ebaec188d73758f02ca3b2110e4
Author: Eric Biggers <ebiggers@google.com>
AuthorDate: Sun, 24 Sep 2017 12:59:05 +0200
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Tue, 26 Sep 2017 09:43:45 +0200
x86/fpu: Use validate_xstate_header() to validate the xstate_header in xstateregs_set()
Tighten the checks in xstateregs_set().
Signed-off-by: Eric Biggers <ebiggers@google.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Eric Biggers <ebiggers3@gmail.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Kevin Hao <haokexin@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Michael Halcrow <mhalcrow@google.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Rik van Riel <riel@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Wanpeng Li <wanpeng.li@hotmail.com>
Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
Cc: kernel-hardening@lists.openwall.com
Link: http://lkml.kernel.org/r/20170924105913.9157-3-mingo@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/kernel/fpu/regset.c | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c
index ee8d2f0..b831d5b 100644
--- a/arch/x86/kernel/fpu/regset.c
+++ b/arch/x86/kernel/fpu/regset.c
@@ -141,27 +141,20 @@ int xstateregs_set(struct task_struct *target, const struct user_regset *regset,
ret = copy_user_to_xstate(xsave, ubuf);
} else {
ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, xsave, 0, -1);
-
- /* xcomp_bv must be 0 when using uncompacted format */
- if (!ret && xsave->header.xcomp_bv)
- ret = -EINVAL;
+ if (!ret)
+ ret = validate_xstate_header(&xsave->header);
}
/*
- * In case of failure, mark all states as init:
- */
- if (ret)
- fpstate_init(&fpu->state);
-
- /*
* mxcsr reserved bits must be masked to zero for security reasons.
*/
xsave->i387.mxcsr &= mxcsr_feature_mask;
- xsave->header.xfeatures &= xfeatures_mask;
+
/*
- * These bits must be zero.
+ * In case of failure, mark all states as init:
*/
- memset(&xsave->header.reserved, 0, 48);
+ if (ret)
+ fpstate_init(&fpu->state);
return ret;
}
next prev parent reply other threads:[~2017-09-26 8:43 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-24 10:59 [PATCH 00/10] x86/fpu: Split up "x86/fpu: Tighten validation of user-supplied xstate_header" Ingo Molnar
2017-09-24 10:59 ` [PATCH 01/10] x86/fpu: Introduce validate_xstate_header() Ingo Molnar
2017-09-26 8:34 ` [tip:x86/fpu] " tip-bot for Eric Biggers
2017-09-24 10:59 ` [PATCH 02/10] x86/fpu: Use validate_xstate_header() to validate the xstate_header in xstateregs_set() Ingo Molnar
2017-09-26 8:34 ` tip-bot for Eric Biggers [this message]
2017-09-24 10:59 ` [PATCH 03/10] x86/fpu: Use validate_xstate_header() to validate the xstate_header in sanitize_restored_xstate() Ingo Molnar
2017-09-24 18:51 ` Eric Biggers
2017-09-24 19:02 ` Ingo Molnar
2017-09-24 20:08 ` Eric Biggers
2017-09-25 6:07 ` Ingo Molnar
2017-09-25 6:14 ` Ingo Molnar
2017-09-25 7:20 ` Eric Biggers
2017-09-25 7:30 ` Ingo Molnar
2017-09-26 8:35 ` [tip:x86/fpu] x86/fpu: Use validate_xstate_header() to validate the xstate_header in __fpu__restore_sig() tip-bot for Eric Biggers
2017-09-24 10:59 ` [PATCH 04/10] x86/fpu: Copy the full state_header in copy_kernel_to_xstate() Ingo Molnar
2017-09-26 8:35 ` [tip:x86/fpu] " tip-bot for Eric Biggers
2017-09-24 10:59 ` [PATCH 05/10] x86/fpu: Eliminate the 'xfeatures' local variable " Ingo Molnar
2017-09-26 8:35 ` [tip:x86/fpu] " tip-bot for Eric Biggers
2017-09-24 10:59 ` [PATCH 06/10] x86/fpu: Use validate_xstate_header() to validate the xstate_header " Ingo Molnar
2017-09-26 8:36 ` [tip:x86/fpu] " tip-bot for Eric Biggers
2017-09-24 10:59 ` [PATCH 07/10] x86/fpu: Copy the full header in copy_user_to_xstate() Ingo Molnar
2017-09-26 8:36 ` [tip:x86/fpu] " tip-bot for Eric Biggers
2017-09-24 10:59 ` [PATCH 08/10] x86/fpu: Eliminate the 'xfeatures' local variable " Ingo Molnar
2017-09-26 8:37 ` [tip:x86/fpu] " tip-bot for Eric Biggers
2017-09-24 10:59 ` [PATCH 09/10] x86/fpu: Use validate_xstate_header() to validate the xstate_header " Ingo Molnar
2017-09-26 8:37 ` [tip:x86/fpu] " tip-bot for Eric Biggers
2017-09-24 10:59 ` [PATCH 10/10] x86/fpu: Use using_compacted_format() instead of open coded X86_FEATURE_XSAVES Ingo Molnar
2017-09-26 8:37 ` [tip:x86/fpu] " tip-bot for Eric Biggers
2017-09-24 18:04 ` [PATCH 00/10] x86/fpu: Split up "x86/fpu: Tighten validation of user-supplied xstate_header" Linus Torvalds
2017-09-24 19:01 ` Ingo Molnar
2017-09-26 16:28 ` [RFC GIT PULL] x86 FPU fixes and cleanups Ingo Molnar
2017-09-26 18:17 ` Linus Torvalds
2017-09-27 7:40 ` [RFC GIT PULL, v2] " Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tip-cf9df81b139b6ebaec188d73758f02ca3b2110e4@git.kernel.org \
--to=tipbot@zytor.com \
--cc=akpm@linux-foundation.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=dvyukov@google.com \
--cc=ebiggers3@gmail.com \
--cc=ebiggers@google.com \
--cc=fenghua.yu@intel.com \
--cc=haokexin@gmail.com \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=luto@kernel.org \
--cc=mhalcrow@google.com \
--cc=mingo@kernel.org \
--cc=oleg@redhat.com \
--cc=peterz@infradead.org \
--cc=riel@redhat.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=wanpeng.li@hotmail.com \
--cc=yu-cheng.yu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.