CC: [email protected] TO: Thomas Gleixner <[email protected]> tree: https://git.kernel.org/pub/scm/linux/kernel/git/tglx/devel.git x86/fpu head: 3d168301c78d17de32e5a473e80c2032c190070b commit: a3f4eae3fd08421a0093ddb6a5b5f3ed22b901c2 [60/67] x86/fpu/signal: Move initial checks into fpu__sig_restore() :::::: branch date: 7 hours ago :::::: commit date: 7 hours ago config: x86_64-randconfig-m001-20210622 (attached as .config) compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> Reported-by: Dan Carpenter <[email protected]> New smatch warnings: arch/x86/kernel/fpu/signal.c:374 __fpu_restore_sig() warn: maybe return -EFAULT instead of the bytes remaining? Old smatch warnings: arch/x86/kernel/fpu/signal.c:98 save_xstate_epilog() warn: maybe return -EFAULT instead of the bytes remaining? arch/x86/kernel/fpu/signal.c:443 __fpu_restore_sig() warn: maybe return -EFAULT instead of the bytes remaining? vim +374 arch/x86/kernel/fpu/signal.c b992c660d3b316 Ingo Molnar 2015-04-30 279 a3f4eae3fd0842 Thomas Gleixner 2021-06-15 280 static int __fpu_restore_sig(void __user *buf, void __user *buf_fx, a3f4eae3fd0842 Thomas Gleixner 2021-06-15 281 bool ia32_fxstate) b992c660d3b316 Ingo Molnar 2015-04-30 282 { c2ff9e9a3d9d6c Sebastian Andrzej Siewior 2019-04-03 283 struct user_i387_ia32_struct *envp = NULL; c2ff9e9a3d9d6c Sebastian Andrzej Siewior 2019-04-03 284 int state_size = fpu_kernel_xstate_size; b992c660d3b316 Ingo Molnar 2015-04-30 285 struct task_struct *tsk = current; b992c660d3b316 Ingo Molnar 2015-04-30 286 struct fpu *fpu = &tsk->thread.fpu; c2ff9e9a3d9d6c Sebastian Andrzej Siewior 2019-04-03 287 struct user_i387_ia32_struct env; 5d6b6a6f9b5ce7 Yu-cheng Yu 2020-05-12 288 u64 user_xfeatures = 0; b992c660d3b316 Ingo Molnar 2015-04-30 289 int fx_only = 0; c2ff9e9a3d9d6c Sebastian Andrzej Siewior 2019-04-03 290 int ret = 0; b992c660d3b316 Ingo Molnar 2015-04-30 291 b992c660d3b316 Ingo Molnar 2015-04-30 292 if (use_xsave()) { b992c660d3b316 Ingo Molnar 2015-04-30 293 struct _fpx_sw_bytes fx_sw_user; b992c660d3b316 Ingo Molnar 2015-04-30 294 if (unlikely(check_for_xstate(buf_fx, buf_fx, &fx_sw_user))) { b992c660d3b316 Ingo Molnar 2015-04-30 295 /* b992c660d3b316 Ingo Molnar 2015-04-30 296 * Couldn't find the extended state information in the b992c660d3b316 Ingo Molnar 2015-04-30 297 * memory layout. 
Restore just the FP/SSE and init all b992c660d3b316 Ingo Molnar 2015-04-30 298 * the other extended state. b992c660d3b316 Ingo Molnar 2015-04-30 299 */ c47ada305de380 Ingo Molnar 2015-04-30 300 state_size = sizeof(struct fxregs_state); b992c660d3b316 Ingo Molnar 2015-04-30 301 fx_only = 1; d1898b733619bd Dave Hansen 2016-06-01 302 trace_x86_fpu_xstate_check_failed(fpu); b992c660d3b316 Ingo Molnar 2015-04-30 303 } else { b992c660d3b316 Ingo Molnar 2015-04-30 304 state_size = fx_sw_user.xstate_size; 5d6b6a6f9b5ce7 Yu-cheng Yu 2020-05-12 305 user_xfeatures = fx_sw_user.xfeatures; b992c660d3b316 Ingo Molnar 2015-04-30 306 } b992c660d3b316 Ingo Molnar 2015-04-30 307 } b992c660d3b316 Ingo Molnar 2015-04-30 308 c2ff9e9a3d9d6c Sebastian Andrzej Siewior 2019-04-03 309 if ((unsigned long)buf_fx % 64) c2ff9e9a3d9d6c Sebastian Andrzej Siewior 2019-04-03 310 fx_only = 1; 98265c17efa9f2 Yu-cheng Yu 2020-05-12 311 98265c17efa9f2 Yu-cheng Yu 2020-05-12 312 if (!ia32_fxstate) { 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 313 /* 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 314 * Attempt to restore the FPU registers directly from user 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 315 * memory. For that to succeed, the user access cannot cause 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 316 * page faults. If it does, fall back to the slow path below, 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 317 * going through the kernel buffer with the enabled pagefault 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 318 * handler. 
1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 319 */ 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 320 fpregs_lock(); 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 321 pagefault_disable(); 5d6b6a6f9b5ce7 Yu-cheng Yu 2020-05-12 322 ret = copy_user_to_fpregs_zeroing(buf_fx, user_xfeatures, fx_only); 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 323 pagefault_enable(); 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 324 if (!ret) { 55e00fb66fd504 Yu-cheng Yu 2020-05-12 325 55e00fb66fd504 Yu-cheng Yu 2020-05-12 326 /* 55e00fb66fd504 Yu-cheng Yu 2020-05-12 327 * Restore supervisor states: previous context switch 55e00fb66fd504 Yu-cheng Yu 2020-05-12 328 * etc has done XSAVES and saved the supervisor states 55e00fb66fd504 Yu-cheng Yu 2020-05-12 329 * in the kernel buffer from which they can be restored 55e00fb66fd504 Yu-cheng Yu 2020-05-12 330 * now. 55e00fb66fd504 Yu-cheng Yu 2020-05-12 331 * 55e00fb66fd504 Yu-cheng Yu 2020-05-12 332 * We cannot do a single XRSTORS here - which would 55e00fb66fd504 Yu-cheng Yu 2020-05-12 333 * be nice - because the rest of the FPU registers are 55e00fb66fd504 Yu-cheng Yu 2020-05-12 334 * being restored from a user buffer directly. The 55e00fb66fd504 Yu-cheng Yu 2020-05-12 335 * single XRSTORS happens below, when the user buffer 55e00fb66fd504 Yu-cheng Yu 2020-05-12 336 * has been copied to the kernel one. 
55e00fb66fd504 Yu-cheng Yu 2020-05-12 337 */ 55e00fb66fd504 Yu-cheng Yu 2020-05-12 338 if (test_thread_flag(TIF_NEED_FPU_LOAD) && 2b2141252113ad Thomas Gleixner 2021-06-10 339 xfeatures_mask_supervisor()) { 2b2141252113ad Thomas Gleixner 2021-06-10 340 os_xrstor(&fpu->state.xsave, 55e00fb66fd504 Yu-cheng Yu 2020-05-12 341 xfeatures_mask_supervisor()); 2b2141252113ad Thomas Gleixner 2021-06-10 342 } 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 343 fpregs_mark_activate(); 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 344 fpregs_unlock(); 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 345 return 0; 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 346 } d8778e393afa42 Andy Lutomirski 2021-06-08 347 d8778e393afa42 Andy Lutomirski 2021-06-08 348 /* d8778e393afa42 Andy Lutomirski 2021-06-08 349 * The above did an FPU restore operation, restricted to d8778e393afa42 Andy Lutomirski 2021-06-08 350 * the user portion of the registers, and failed, but the d8778e393afa42 Andy Lutomirski 2021-06-08 351 * microcode might have modified the FPU registers d8778e393afa42 Andy Lutomirski 2021-06-08 352 * nevertheless. d8778e393afa42 Andy Lutomirski 2021-06-08 353 * d8778e393afa42 Andy Lutomirski 2021-06-08 354 * If the FPU registers do not belong to current, then d8778e393afa42 Andy Lutomirski 2021-06-08 355 * invalidate the FPU register state otherwise the task might d8778e393afa42 Andy Lutomirski 2021-06-08 356 * preempt current and return to user space with corrupted d8778e393afa42 Andy Lutomirski 2021-06-08 357 * FPU registers. d8778e393afa42 Andy Lutomirski 2021-06-08 358 * d8778e393afa42 Andy Lutomirski 2021-06-08 359 * In case current owns the FPU registers then no further d8778e393afa42 Andy Lutomirski 2021-06-08 360 * action is required. The fixup below will handle it d8778e393afa42 Andy Lutomirski 2021-06-08 361 * correctly. 
d8778e393afa42 Andy Lutomirski 2021-06-08 362 */ d8778e393afa42 Andy Lutomirski 2021-06-08 363 if (test_thread_flag(TIF_NEED_FPU_LOAD)) d8778e393afa42 Andy Lutomirski 2021-06-08 364 __cpu_invalidate_fpregs_state(); d8778e393afa42 Andy Lutomirski 2021-06-08 365 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 366 fpregs_unlock(); 98265c17efa9f2 Yu-cheng Yu 2020-05-12 367 } else { 98265c17efa9f2 Yu-cheng Yu 2020-05-12 368 /* 98265c17efa9f2 Yu-cheng Yu 2020-05-12 369 * For 32-bit frames with fxstate, copy the fxstate so it can 98265c17efa9f2 Yu-cheng Yu 2020-05-12 370 * be reconstructed later. 98265c17efa9f2 Yu-cheng Yu 2020-05-12 371 */ 98265c17efa9f2 Yu-cheng Yu 2020-05-12 372 ret = __copy_from_user(&env, buf, sizeof(env)); 98265c17efa9f2 Yu-cheng Yu 2020-05-12 373 if (ret) a3f4eae3fd0842 Thomas Gleixner 2021-06-15 @374 return ret; 98265c17efa9f2 Yu-cheng Yu 2020-05-12 375 envp = &env; c2ff9e9a3d9d6c Sebastian Andrzej Siewior 2019-04-03 376 } 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 377 98265c17efa9f2 Yu-cheng Yu 2020-05-12 378 /* 55e00fb66fd504 Yu-cheng Yu 2020-05-12 379 * By setting TIF_NEED_FPU_LOAD it is ensured that our xstate is 55e00fb66fd504 Yu-cheng Yu 2020-05-12 380 * not modified on context switch and that the xstate is considered 98265c17efa9f2 Yu-cheng Yu 2020-05-12 381 * to be loaded again on return to userland (overriding last_cpu avoids 98265c17efa9f2 Yu-cheng Yu 2020-05-12 382 * the optimisation). 98265c17efa9f2 Yu-cheng Yu 2020-05-12 383 */ 55e00fb66fd504 Yu-cheng Yu 2020-05-12 384 fpregs_lock(); 55e00fb66fd504 Yu-cheng Yu 2020-05-12 385 if (!test_thread_flag(TIF_NEED_FPU_LOAD)) { 55e00fb66fd504 Yu-cheng Yu 2020-05-12 386 /* 29dc0e2f79d266 Thomas Gleixner 2021-06-10 387 * If supervisor states are available then save the 29dc0e2f79d266 Thomas Gleixner 2021-06-10 388 * hardware state in current's fpstate so that the 29dc0e2f79d266 Thomas Gleixner 2021-06-10 389 * supervisor state is preserved. 
Save the full state for 29dc0e2f79d266 Thomas Gleixner 2021-06-10 390 * simplicity. There is no point in optimizing this by only 29dc0e2f79d266 Thomas Gleixner 2021-06-10 391 * saving the supervisor states and then shuffle them to 29dc0e2f79d266 Thomas Gleixner 2021-06-10 392 * the right place in memory. This is the slow path and the 29dc0e2f79d266 Thomas Gleixner 2021-06-10 393 * above XRSTOR failed or ia32_fxstate is true. Shrug. 55e00fb66fd504 Yu-cheng Yu 2020-05-12 394 */ 55e00fb66fd504 Yu-cheng Yu 2020-05-12 395 if (xfeatures_mask_supervisor()) 2b2141252113ad Thomas Gleixner 2021-06-10 396 os_xsave(&fpu->state.xsave); 98265c17efa9f2 Yu-cheng Yu 2020-05-12 397 set_thread_flag(TIF_NEED_FPU_LOAD); 55e00fb66fd504 Yu-cheng Yu 2020-05-12 398 } 98265c17efa9f2 Yu-cheng Yu 2020-05-12 399 __fpu_invalidate_fpregs_state(fpu); 55e00fb66fd504 Yu-cheng Yu 2020-05-12 400 fpregs_unlock(); 1d731e731c4cd7 Sebastian Andrzej Siewior 2019-04-03 401 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 402 if (use_xsave() && !fx_only) { 13188c3de44a31 Thomas Gleixner 2021-06-11 403 u64 init_bv = xfeatures_mask_uabi() & ~user_xfeatures; 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 404 e4678c6103b0db Thomas Gleixner 2021-06-05 405 ret = copy_sigframe_from_user_to_xstate(&fpu->state.xsave, buf_fx); 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 406 if (ret) a3f4eae3fd0842 Thomas Gleixner 2021-06-15 407 return ret; 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 408 5d6b6a6f9b5ce7 Yu-cheng Yu 2020-05-12 409 sanitize_restored_user_xstate(&fpu->state, envp, user_xfeatures, 5d6b6a6f9b5ce7 Yu-cheng Yu 2020-05-12 410 fx_only); 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 411 5f409e20b79456 Rik van Riel 2019-04-03 412 fpregs_lock(); 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 413 if (unlikely(init_bv)) 2b2141252113ad Thomas Gleixner 2021-06-10 414 os_xrstor(&init_fpstate.xsave, init_bv); 55e00fb66fd504 Yu-cheng Yu 2020-05-12 415 55e00fb66fd504 Yu-cheng Yu 
2020-05-12 416 /* 55e00fb66fd504 Yu-cheng Yu 2020-05-12 417 * Restore previously saved supervisor xstates along with 55e00fb66fd504 Yu-cheng Yu 2020-05-12 418 * copied-in user xstates. 55e00fb66fd504 Yu-cheng Yu 2020-05-12 419 */ 2b2141252113ad Thomas Gleixner 2021-06-10 420 ret = os_xrstor_safe(&fpu->state.xsave, 55e00fb66fd504 Yu-cheng Yu 2020-05-12 421 user_xfeatures | xfeatures_mask_supervisor()); 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 422 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 423 } else if (use_fxsr()) { 5f409e20b79456 Rik van Riel 2019-04-03 424 ret = __copy_from_user(&fpu->state.fxsave, buf_fx, state_size); a3f4eae3fd0842 Thomas Gleixner 2021-06-15 425 if (ret) a3f4eae3fd0842 Thomas Gleixner 2021-06-15 426 return -EFAULT; 5f409e20b79456 Rik van Riel 2019-04-03 427 5d6b6a6f9b5ce7 Yu-cheng Yu 2020-05-12 428 sanitize_restored_user_xstate(&fpu->state, envp, user_xfeatures, 5d6b6a6f9b5ce7 Yu-cheng Yu 2020-05-12 429 fx_only); 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 430 5f409e20b79456 Rik van Riel 2019-04-03 431 fpregs_lock(); e0d3602f933367 Sebastian Andrzej Siewior 2019-04-03 432 if (use_xsave()) { 524bb73bc15c56 Yu-cheng Yu 2020-05-12 433 u64 init_bv; 524bb73bc15c56 Yu-cheng Yu 2020-05-12 434 13188c3de44a31 Thomas Gleixner 2021-06-11 435 init_bv = xfeatures_mask_uabi() & ~XFEATURE_MASK_FPSSE; 2b2141252113ad Thomas Gleixner 2021-06-10 436 os_xrstor(&init_fpstate.xsave, init_bv); 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 437 } 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 438 12bc0cbe01994a Thomas Gleixner 2021-06-10 439 ret = fxrstor_safe(&fpu->state.fxsave); e0d3602f933367 Sebastian Andrzej Siewior 2019-04-03 440 } else { 5f409e20b79456 Rik van Riel 2019-04-03 441 ret = __copy_from_user(&fpu->state.fsave, buf_fx, state_size); 926b21f37b072a Sebastian Andrzej Siewior 2019-04-03 442 if (ret) a3f4eae3fd0842 Thomas Gleixner 2021-06-15 443 return ret; 5f409e20b79456 Rik van Riel 2019-04-03 444 5f409e20b79456 Rik 
van Riel 2019-04-03 445 fpregs_lock(); 3eafadeb963242 Thomas Gleixner 2021-06-10 446 ret = frstor_safe(&fpu->state.fsave); e0d3602f933367 Sebastian Andrzej Siewior 2019-04-03 447 } 5f409e20b79456 Rik van Riel 2019-04-03 448 if (!ret) 5f409e20b79456 Rik van Riel 2019-04-03 449 fpregs_mark_activate(); bbc55341b9c676 Sebastian Andrzej Siewior 2019-12-20 450 else bbc55341b9c676 Sebastian Andrzej Siewior 2019-12-20 451 fpregs_deactivate(fpu); 5f409e20b79456 Rik van Riel 2019-04-03 452 fpregs_unlock(); c2ff9e9a3d9d6c Sebastian Andrzej Siewior 2019-04-03 453 return ret; b992c660d3b316 Ingo Molnar 2015-04-30 454 } b992c660d3b316 Ingo Molnar 2015-04-30 455 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/[email protected]
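Review bot: When the buffer is misaligned (line 309, `if ((unsigned long)buf_fx % 64) fx_only = 1;`), `state_size` still holds the user-supplied `fx_sw_user.xstate_size` assigned at line 304, and that value becomes the length of `__copy_from_user(&fpu->state.fxsave, buf_fx, state_size)` at line 424. The only bound on it is whatever `check_for_xstate()` enforces, and that function is not visible in this listing, so the copy into the fxsave view is sized by sigframe contents rather than by its destination. Using a fixed length there, `__copy_from_user(&fpu->state.fxsave, buf_fx, sizeof(fpu->state.fxsave))`, or resetting `state_size = sizeof(struct fxregs_state);` wherever `fx_only` is set, would keep the bound local and independent of the earlier validation. A short comment at line 304 stating which limits `check_for_xstate()` guarantees for `xstate_size` would also help the next reader.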
