From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1031024AbbD1WJ0 (ORCPT <rfc822;w@1wt.eu>);
	Tue, 28 Apr 2015 18:09:26 -0400
Received: from mga14.intel.com ([192.55.52.115]:1127 "EHLO mga14.intel.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1030826AbbD1WJZ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Tue, 28 Apr 2015 18:09:25 -0400
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.11,666,1422950400"; 
   d="scan'208";a="687109190"
Message-ID: <5540050D.2000008@intel.com>
Date: Tue, 28 Apr 2015 15:09:17 -0700
From: Dave Hansen <dave.hansen@intel.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Fenghua Yu <fenghua.yu@intel.com>, "H. Peter Anvin" <hpa@linux.intel.com>,
        Ingo Molnar <mingo@elte.hu>, Thomas Gleixner <tglx@linutronix.de>,
        Asit K Mallick <asit.k.mallick@intel.com>,
        Glenn Williamson <glenn.p.williamson@intel.com>
CC: linux-kernel <linux-kernel@vger.kernel.org>, x86 <x86@kernel.org>
Subject: Re: [PATCH Bugfix v2 2/4] x86/xsaves: Define and use user_xstate_size
 for xstate size in signal context
References: <1429678319-61356-1-git-send-email-fenghua.yu@intel.com> <1429678319-61356-3-git-send-email-fenghua.yu@intel.com>
In-Reply-To: <1429678319-61356-3-git-send-email-fenghua.yu@intel.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 04/21/2015 09:51 PM, Fenghua Yu wrote:
> +	/*
> +	 * Clear xcomp_bv[63] in user's xsave area header to indicate
> +	 * buf_fx is in standard format.
> +	 */
> +	xcomp_bv = xsave->xsave_hdr.xcomp_bv;
> +	user_xsave = buf_fx;
> +	xcomp_bv &= ~((u64)1 << 63);

I ran in to another bug.  xrestor_user() is hitting a #GP with these values:

[    6.258743] xrestore_user() tmp: ffff88003f813000
[    6.261122] 	     XCR0: 000000000000001f
[    6.261868] 	xstate_bv: 0000000000000003
[    6.262613] 	 xcomp_bv: 000000000000001f

I think it is because bit 63 is clear in xcomp_bv, but there are other
bits set in there.

I think the above needs to just do:

	/*
	 * We are uncompacting the state for the user buffer.  We need
	 * to clear out the xcomp_bv field entirely.  The uncompacted
	 * form of xsave/xrstor treats this field as reserved.
	 */
	if (__put_user(0, &user_xsave->xsave_hdr.xcomp_bv))
		return -1;