The following commit has been merged into the x86/fpu branch of tip: Commit-ID: 145e9e0d8c6fada4a40f9fc65b34658077874d9c Gitweb: https://git.kernel.org/tip/145e9e0d8c6fada4a40f9fc65b34658077874d9c Author: Andy Lutomirski <luto@xxxxxxxxxx> AuthorDate: Wed, 23 Jun 2021 14:01:40 +02:00 Committer: Borislav Petkov <bp@xxxxxxx> CommitterDate: Wed, 23 Jun 2021 17:49:46 +02:00 x86/fpu: Fail ptrace() requests that try to set invalid MXCSR values There is no benefit from accepting and silently changing an invalid MXCSR value supplied via ptrace(). Instead, return -EINVAL on invalid input. Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxx> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx> Signed-off-by: Borislav Petkov <bp@xxxxxxx> Link: https://lkml.kernel.org/r/20210623121452.613614842@xxxxxxxxxxxxx --- arch/x86/kernel/fpu/regset.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c index f24ce87..5610f77 100644 --- a/arch/x86/kernel/fpu/regset.c +++ b/arch/x86/kernel/fpu/regset.c @@ -63,8 +63,9 @@ int xfpregs_set(struct task_struct *target, const struct user_regset *regset, if (ret) return ret; - /* Mask invalid MXCSR bits (for historical reasons). */ - newstate.mxcsr &= mxcsr_feature_mask; + /* Do not allow an invalid MXCSR value. */ + if (newstate.mxcsr & ~mxcsr_feature_mask) + return -EINVAL; fpu__prepare_write(fpu);
|