From: Eric Biggers <ebigg...@google.com>
This is in preparation to verify the full xstate header as supplied by
user-space.
Signed-off-by: Eric Biggers <ebigg...@google.com>
Cc: Andy Lutomirski <l...@kernel.org>
Cc: Dave Hansen <dave.han...@linux.intel.com>
Cc: Dmitry Vyukov <dvyu...@google.com>
Cc: Fenghua Yu <fenghua...@intel.com>
Cc: Kees Cook <keesc...@chromium.org>
Cc: Kevin Hao <haoke...@gmail.com>
Cc: Linus Torvalds <torva...@linux-foundation.org>
Cc: Michael Halcrow <mhalc...@google.com>
Cc: Oleg Nesterov <o...@redhat.com>
Cc: Peter Zijlstra <pet...@infradead.org>
Cc: Rik van Riel <r...@redhat.com>
Cc: Thomas Gleixner <t...@linutronix.de>
Cc: Wanpeng Li <wanpeng...@hotmail.com>
Cc: Yu-cheng Yu <yu-cheng...@intel.com>
Cc: kernel-harden...@lists.openwall.com
Signed-off-by: Ingo Molnar <mi...@kernel.org>
---
arch/x86/kernel/fpu/xstate.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index 325db7850335..0cd7b73c25e8 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -1199,13 +1199,16 @@ int copy_user_to_xstate(struct xregs_state *xsave,
const void __user *ubuf)
int i;
u64 xfeatures;
u64 allowed_features;
+ struct xstate_header hdr;
offset = offsetof(struct xregs_state, header);
- size = sizeof(xfeatures);
+ size = sizeof(hdr);
- if (__copy_from_user(&xfeatures, ubuf + offset, size))
+ if (__copy_from_user(&hdr, ubuf + offset, size))
return -EFAULT;
+ xfeatures = hdr.xfeatures;
+
/*
* Reject if the user sets any disabled or supervisor features:
*/
--
2.11.0
