The Linux Kernel Mailing List
 help / color / mirror / Atom feed
From: Andrei Vagin <avagin@google.com>
To: Thomas Gleixner <tglx@kernel.org>, Ingo Molnar <mingo@redhat.com>,
	Borislav Petkov <bp@alien8.de>,
	 "Chang S. Bae" <chang.seok.bae@intel.com>
Cc: linux-kernel@vger.kernel.org, criu@lists.linux.dev,
	 Dave Hansen <dave.hansen@linux.intel.com>,
	x86@kernel.org,  Andrei Vagin <avagin@google.com>,
	"H. Peter Anvin" <hpa@zytor.com>
Subject: [PATCH 01/10] x86/fpu: Document signal frame portability
Date: Mon, 15 Jun 2026 19:37:07 +0000	[thread overview]
Message-ID: <20260615193716.1843340-2-avagin@google.com> (raw)
In-Reply-To: <20260615193716.1843340-1-avagin@google.com>

The x86 signal frame is designed to be self-describing, with the
'xstate_size' field in the software-reserved bytes indicating the actual
size of the context. This design is required for portability, allowing a
signal frame created on a system with a specific set of xstate features
to be restored on a machine with a different (larger) set of features.

Document this contract in the uabi headers and Documentation/. This
requirement is critical for checkpoint/restore tools like CRIU, which
should be able to migrate processes across machines with heterogeneous
FPU capabilities. Note that portability is generally limited to CPUs
from the same vendor (e.g., Intel vs. AMD) due to potential differences
in xstate layouts.

Signed-off-by: Andrei Vagin <avagin@google.com>
---
 Documentation/arch/x86/xstate.rst      | 13 +++++++++++++
 arch/x86/include/uapi/asm/sigcontext.h | 13 +++++++++++++
 2 files changed, 26 insertions(+)

diff --git a/Documentation/arch/x86/xstate.rst b/Documentation/arch/x86/xstate.rst
index cec05ac464c1..facd97b26bf1 100644
--- a/Documentation/arch/x86/xstate.rst
+++ b/Documentation/arch/x86/xstate.rst
@@ -172,3 +172,16 @@ are extended to control the guest permission:
 
 Note that some VMMs may have already established a set of supported state
 components. These options are not presumed to support any particular VMM.
+
+Signal Frame Portability
+------------------------
+
+The signal frame is designed to be self-describing and portable. This is
+especially important for checkpoint/restore tools like CRIU, which may restore
+a process on a different host than where it was checkpointed. A signal frame
+created on a machine with fewer CPU features can be successfully restored on a
+machine with more CPU features.
+
+Note that signal frame portability is generally guaranteed only between CPUs
+from the same vendor. Different vendors may use different offsets for the same
+xstate features in the xsave area, making frames incompatible between them.
diff --git a/arch/x86/include/uapi/asm/sigcontext.h b/arch/x86/include/uapi/asm/sigcontext.h
index d0d9b331d3a1..d52313345f21 100644
--- a/arch/x86/include/uapi/asm/sigcontext.h
+++ b/arch/x86/include/uapi/asm/sigcontext.h
@@ -34,6 +34,19 @@
  * fpstate+extended_size-FP_XSTATE_MAGIC2_SIZE address) is set to
  * FP_XSTATE_MAGIC2 so that you can sanity check your size calculations.)
  *
+ * The xstate_size field indicates the actual size of the xstate context
+ * (including the fxregs_state and xstate_header). This size is used in
+ * conjunction with the pointer to the xstate context to locate
+ * FP_XSTATE_MAGIC2. Note that on 32-bit systems, the fpstate pointer points
+ * to a legacy struct fregs_state (112 bytes) that precedes the xstate
+ * context, so the xstate context starts at fpstate + 112. This makes
+ * the signal frame self-describing and portable: a signal frame created on a
+ * machine with a certain set of xstate features can be restored on a machine
+ * with a different (larger) set of features, as long as the latter supports
+ * all features present in the frame. Note that this portability is generally
+ * limited to CPUs of the same vendor, as different vendors may use different
+ * xstate layouts.
+ *
  * This extended area typically grows with newer CPUs that have larger and
  * larger XSAVE areas.
  */
-- 
2.54.0.1189.g8c84645362-goog


  reply	other threads:[~2026-06-15 19:37 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-15 19:37 [PATCH v3 0/10] x86/fpu: Restore and reinforce signal frame portability Andrei Vagin
2026-06-15 19:37 ` Andrei Vagin [this message]
2026-06-26 13:51   ` [PATCH 01/10] x86/fpu: Document " Alexander Mikhalitsyn
2026-06-30 19:23   ` Chang S. Bae
2026-06-15 19:37 ` [PATCH 02/10] x86/fpu: Clean up and rename variables in signal frame handling Andrei Vagin
2026-06-26 17:05   ` Alexander Mikhalitsyn
2026-06-15 19:37 ` [PATCH 03/10] x86/fpu: Split __fpu_restore_sig to extract compat path Andrei Vagin
2026-06-26 17:20   ` Alexander Mikhalitsyn
2026-06-15 19:37 ` [PATCH 04/10] x86/fpu: Document reasoning of FX-only fallback Andrei Vagin
2026-06-26 14:22   ` Alexander Mikhalitsyn
2026-06-30 19:23   ` Chang S. Bae
2026-06-15 19:37 ` [PATCH 05/10] x86/fpu: Fix potential underflow in xstate_calculate_size() Andrei Vagin
2026-06-26 14:32   ` Alexander Mikhalitsyn
2026-06-30 19:23   ` Chang S. Bae
2026-06-15 19:37 ` [PATCH 06/10] selftests/x86: Add a test for signal frame FPU portability Andrei Vagin
2026-06-26 14:39   ` Alexander Mikhalitsyn
2026-06-15 19:37 ` [PATCH 07/10] x86/fpu: Pre-fault only required size of xstate buffer Andrei Vagin
2026-06-26 17:28   ` Alexander Mikhalitsyn
2026-06-15 19:37 ` [PATCH 08/10] selftests/x86: Add a sigframe insufficient xstate_size test Andrei Vagin
2026-06-26 15:02   ` Alexander Mikhalitsyn
2026-06-15 19:37 ` [PATCH 09/10] x86/fpu: Allow restoring signal frames with larger xstate_size Andrei Vagin
2026-06-26 17:32   ` Alexander Mikhalitsyn
2026-06-30 19:23   ` Chang S. Bae
2026-07-01  0:48     ` Andrei Vagin
2026-06-15 19:37 ` [PATCH 10/10] selftests/x86: Check restoring FPU state " Andrei Vagin
2026-06-26 15:12   ` Alexander Mikhalitsyn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260615193716.1843340-2-avagin@google.com \
    --to=avagin@google.com \
    --cc=bp@alien8.de \
    --cc=chang.seok.bae@intel.com \
    --cc=criu@lists.linux.dev \
    --cc=dave.hansen@linux.intel.com \
    --cc=hpa@zytor.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=tglx@kernel.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox