Re: [PATCH 00/19] x86, mpx updates for 4.2 (take 7)

[Ingo Molnar <mingo@kernel.org>]

* Dave Hansen <dave@sr71.net> wrote:

> Hi x86 maintainers,
> 
> There are a few basic things going on here:
> 1. Make FPU/xsave code preempt safe and work properly
> 2. Add trace points to make kernel and app debugging easier
> 3. Add a boot-time disable for mpx
> 4. Rewrite the unmapping code.
> 5. Support 32-bit binaries to run on 64-bit kernels
> 
> This sees breakage unless either booted with 'noxsaves'
> or if it has Fenghua's set from here applied:
> 
> 	http://lkml.kernel.org/r/1429678319-61356-1-git-send-email-fenghua.yu@intel.com
> 
> This set is also available against 4.1-rc3 in git:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/daveh/x86-mpx.git mpx-v22

Yeah, so as a first step, could you please test that the patch below 
solves the crashes as well, without having to specify 'noxsaves' on 
the boot line?

That would make it possible to apply your MPX fixes to v4.2, 
independently of the work to re-enable proper XSAVES support.

Please also merge your queue on top of tip:x86/fpu (or tip/master).

Thanks,

	Ingo

===================>
>From e88221c50cadade0eb4f7f149f4967d760212695 Mon Sep 17 00:00:00 2001
From: Ingo Molnar <mingo@kernel.org>
Date: Wed, 20 May 2015 11:45:30 +0200
Subject: [PATCH] x86/fpu: Disable XSAVES* support for now

The kernel's handling of 'compacted' xsave state layout is buggy:

    http://marc.info/?l=linux-kernel&m=142967852317199

I don't have such a system, and the description there is vague, but
from extrapolation I guess that there were two kinds of bugs
observed:

  - boot crashes, due to size calculations being wrong and the dynamic
    allocation allocating a too small xstate area. (This is now fixed
    in the new FPU code - but still present in stable kernels.)

  - FPU state corruption and ABI breakage: if signal handlers try to
    change the FPU state in standard format, which then the kernel
    tries to restore in the compacted format.

These breakages are scary, but they only occur on a small number of
systems that have XSAVES* CPU support. Yet we have had XSAVES support
in the upstream kernel for a large number of stable kernel releases,
and the fixes are involved and unproven.

So do the safe resolution first: disable XSAVES* support and only
use the standard xstate format. This makes the code work and is
easy to backport.

On top of this we can work on enabling (and testing!) proper
compacted format support, without backporting pressure, on top of the
new, cleaned up FPU code.

Cc: <stable@vger.kernel.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 arch/x86/kernel/i387.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/arch/x86/kernel/i387.c b/arch/x86/kernel/i387.c
index 009183276bb7..6185d3141219 100644
--- a/arch/x86/kernel/i387.c
+++ b/arch/x86/kernel/i387.c
@@ -173,6 +173,21 @@ static void init_thread_xstate(void)
 		xstate_size = sizeof(struct i387_fxsave_struct);
 	else
 		xstate_size = sizeof(struct i387_fsave_struct);
+
+	/*
+	 * Quirk: we don't yet handle the XSAVES* instructions
+	 * correctly, as we don't correctly convert between
+	 * standard and compacted format when interfacing
+	 * with user-space - so disable it for now.
+	 *
+	 * The difference is small: with recent CPUs the
+	 * compacted format is only marginally smaller than
+	 * the standard FPU state format.
+	 *
+	 * ( This is easy to backport while we are fixing
+	 *   XSAVES* support. )
+	 */
+	setup_clear_cpu_cap(X86_FEATURE_XSAVES);
 }
 
 /*