From: Will Deacon <will@kernel.org>
To: Mark Rutland <mark.rutland@arm.com>
Cc: linux-arm-kernel@lists.infradead.org, broonie@kernel.org,
catalin.marinas@arm.com, daniel.kiss@arm.com,
david.spickett@arm.com, luis.machado@arm.com, maz@kernel.org,
richard.sandiford@arm.com, sander.desmalen@arm.com,
tabba@google.com, tamas.petz@arm.com, tkjos@google.com,
yury.khrustalev@arm.com
Subject: Re: [PATCH v2 04/24] arm64/fpsimd: signal: Consistently read FPSIMD context
Date: Thu, 8 May 2025 15:34:23 +0100 [thread overview]
Message-ID: <20250508143422.GA4189@willie-the-truck> (raw)
In-Reply-To: <20250508132644.1395904-5-mark.rutland@arm.com>
On Thu, May 08, 2025 at 02:26:24PM +0100, Mark Rutland wrote:
> For historical reasons, restore_sve_fpsimd_context() has an open-coded
> copy of the logic from read_fpsimd_context(), which is used to either
> restore an FPSIMD-only context, or to merge FPSIMD state into an
> SVE state when restoring an SVE+FPSIMD context. The logic is *almost*
> identical.
>
> Refactor the logic to avoid duplication and make this clearer.
>
> This comes with two functional changes that I do not believe will be
> problematic in practice:
>
> * The user_fpsimd_state::size field will be checked in all restore paths
> that consume it user_fpsimd_state. The kernel always populates this
> field when delivering a signal, and so this should contain the
> expected value unless it has been corrupted.
>
> * If a read of user_fpsimd_state fails, we will return early without
> modifying TIF_SVE, the saved SVCR, or the save fp_type. This will
> leave the task in a consistent state, without potentially resurrecting
> stale FPSIMD state. A read of user_fpsimd_state should never fail
> unless the structure has been corrupted or the stack has been
> unmapped.
>
> Suggested-by: Will Deacon <will@kernel.org>
> Signed-off-by: Mark Rutland <mark.rutland@arm.com>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Marc Zyngier <maz@kernel.org>
> Cc: Mark Brown <broonie@kernel.org>
> Cc: Will Deacon <will@kernel.org>
> ---
> arch/arm64/kernel/signal.c | 57 +++++++++++++++++++-------------------
> 1 file changed, 29 insertions(+), 28 deletions(-)
>
> diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c
> index e898948a31b65..87890d7be8de3 100644
> --- a/arch/arm64/kernel/signal.c
> +++ b/arch/arm64/kernel/signal.c
> @@ -264,30 +264,40 @@ static int preserve_fpsimd_context(struct fpsimd_context __user *ctx)
> return err ? -EFAULT : 0;
> }
>
> -static int restore_fpsimd_context(struct user_ctxs *user)
> +static int read_fpsimd_context(struct user_fpsimd_state *fpsimd,
> + struct user_ctxs *user)
> {
> - struct user_fpsimd_state fpsimd;
> - int err = 0;
> + int err;
>
> /* check the size information */
> if (user->fpsimd_size != sizeof(struct fpsimd_context))
> return -EINVAL;
>
> /* copy the FP and status/control registers */
> - err = __copy_from_user(fpsimd.vregs, &(user->fpsimd->vregs),
> - sizeof(fpsimd.vregs));
> - __get_user_error(fpsimd.fpsr, &(user->fpsimd->fpsr), err);
> - __get_user_error(fpsimd.fpcr, &(user->fpsimd->fpcr), err);
> + err = __copy_from_user(fpsimd->vregs, &(user->fpsimd->vregs),
> + sizeof(fpsimd->vregs));
> + __get_user_error(fpsimd->fpsr, &(user->fpsimd->fpsr), err);
> + __get_user_error(fpsimd->fpcr, &(user->fpsimd->fpcr), err);
> +
> + return err;
I think this should return -EFAULT if 'err' is non-zero, otherwise we
can probably propagate the number of bytes not copied from
__copy_from_user().
I'll fix that up when applying.
Cheers,
Will
next prev parent reply other threads:[~2025-05-08 15:12 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-08 13:26 [PATCH v2 00/24] arm64: FPSIMD/SVE/SME fixes + re-enable SME Mark Rutland
2025-05-08 13:26 ` [PATCH v2 01/24] arm64/fpsimd: Do not discard modified SVE state Mark Rutland
2025-05-08 15:02 ` Will Deacon
2025-05-08 13:26 ` [PATCH v2 02/24] arm64/fpsimd: signal: Clear PSTATE.SM when restoring FPSIMD frame only Mark Rutland
2025-05-08 13:26 ` [PATCH v2 03/24] arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state Mark Rutland
2025-05-08 13:26 ` [PATCH v2 04/24] arm64/fpsimd: signal: Consistently read FPSIMD context Mark Rutland
2025-05-08 14:34 ` Will Deacon [this message]
2025-05-08 13:26 ` [PATCH v2 05/24] arm64/fpsimd: ptrace: Consistently handle partial writes to NT_ARM_(S)SVE Mark Rutland
2025-05-08 13:26 ` [PATCH v2 06/24] arm64/fpsimd: Clarify sve_sync_*() functions Mark Rutland
2025-05-08 13:26 ` [PATCH v2 07/24] arm64/fpsimd: Factor out {sve,sme}_state_size() helpers Mark Rutland
2025-05-08 13:26 ` [PATCH v2 08/24] arm64/fpsimd: Add task_smstop_sm() Mark Rutland
2025-05-08 13:26 ` [PATCH v2 09/24] arm64/fpsimd: signal: Use SMSTOP behaviour in setup_return() Mark Rutland
2025-05-08 13:26 ` [PATCH v2 10/24] arm64/fpsimd: Remove redundant task->mm check Mark Rutland
2025-05-08 13:26 ` [PATCH v2 11/24] arm64/fpsimd: Consistently preserve FPSIMD state during clone() Mark Rutland
2025-05-08 13:26 ` [PATCH v2 12/24] arm64/fpsimd: Clear PSTATE.SM " Mark Rutland
2025-05-08 13:26 ` [PATCH v2 13/24] arm64/fpsimd: Make clone() compatible with ZA lazy saving Mark Rutland
2025-05-08 13:26 ` [PATCH v2 14/24] arm64/fpsimd: ptrace/prctl: Ensure VL changes do not resurrect stale data Mark Rutland
2025-05-08 13:26 ` [PATCH v2 15/24] arm64/fpsimd: ptrace/prctl: Ensure VL changes leave task in a valid state Mark Rutland
2025-05-08 13:26 ` [PATCH v2 16/24] arm64/fpsimd: ptrace: Save task state before generating SVE header Mark Rutland
2025-05-08 13:26 ` [PATCH v2 17/24] arm64/fpsimd: ptrace: Do not present register data for inactive mode Mark Rutland
2025-05-08 13:26 ` [PATCH v2 18/24] arm64/fpsimd: ptrace: Mandate SVE payload for streaming-mode state Mark Rutland
2025-05-08 13:26 ` [PATCH v2 19/24] arm64/fpsimd: ptrace: Gracefully handle errors Mark Rutland
2025-05-08 13:26 ` [PATCH v2 20/24] arm64/fpsimd: Allow CONFIG_ARM64_SME to be selected Mark Rutland
2025-05-08 13:26 ` [PATCH v2 21/24] kselftest/arm64: fp-ptrace: Fix expected FPMR value when PSTATE.SM is changed Mark Rutland
2025-05-08 13:26 ` [PATCH v2 22/24] kselftest/arm64: tpidr2: Adjust to new clone() behaviour Mark Rutland
2025-05-08 13:26 ` [PATCH v2 23/24] kselftest/arm64: fp-ptrace: Adjust to new VL change behaviour Mark Rutland
2025-05-08 13:26 ` [PATCH v2 24/24] kselftest/arm64: fp-ptrace: Adjust to new inactive mode behaviour Mark Rutland
2025-05-08 15:02 ` [PATCH v2 00/24] arm64: FPSIMD/SVE/SME fixes + re-enable SME Will Deacon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250508143422.GA4189@willie-the-truck \
--to=will@kernel.org \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=daniel.kiss@arm.com \
--cc=david.spickett@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=luis.machado@arm.com \
--cc=mark.rutland@arm.com \
--cc=maz@kernel.org \
--cc=richard.sandiford@arm.com \
--cc=sander.desmalen@arm.com \
--cc=tabba@google.com \
--cc=tamas.petz@arm.com \
--cc=tkjos@google.com \
--cc=yury.khrustalev@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox