On Mon, May 31 2021 at 20:56, Thomas Gleixner wrote:
> On Mon, May 31 2021 at 12:01, Thomas Gleixner wrote:
> __fpu__restore_sig()
>
>         if (!buf) {
>                 fpu__clear_user_states(fpu);
>                 return 0;
>         }
>
> and
>
> handle_signal()
>
>         if (!failed)
>                 fpu__clear_user_states(fpu);
>
> which invoke that function unconditionally. So we cannot warn there.

This is all wrong and everything should use copy_kernel_to_xstate() after
copying the buffer from user space. But of course allocating memory there
is daft.

There is also xstateregs_set() which invokes fpstate_init() on fail which
means it blows away _ALL_ state including supervisor state.

Even without supervisor state this function is bonkers. If the ptracer
provides a bogus data set then this just invalidates the target task's FPU
state for no real good reason.

This should just use a kernel buffer. If the copy from user fails, the
caller gets the EFAULT. If the header is bogus, then
copy_kernel_to_xstate() returns -EINVAL and that's handed back to the
caller. No reason to invalidate anything.

Thanks,

        tglx
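The pattern argued for above (copy the user buffer into a kernel-side scratch buffer, validate the header there, and commit to the target task only on success, so that a fault or a bogus header leaves the existing state intact) is shown below as an added, user-space toy model. It is not kernel code and none of the names are the kernel's: `toy_xstate`, `toy_validate_header`, `toy_copy_from_user` and the `TOY_SUPPORTED_FEATURES` mask are hypothetical stand-ins for the XSAVE header, the header check inside copy_kernel_to_xstate(), copy_from_user() and the supported-feature mask. The second restore function models the objected-to behaviour of resetting all state on failure, so the two can be compared on the same bad input.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy model of an XSAVE-like buffer: a header carrying a
 * feature mask plus reserved words that must be zero, then a payload. */
#define TOY_SUPPORTED_FEATURES 0x7ULL   /* assumption: only bits 0-2 are valid */
#define TOY_PAYLOAD_WORDS 4

struct toy_xstate_header {
    uint64_t xfeatures;
    uint64_t reserved[3];
};

struct toy_xstate {
    struct toy_xstate_header hdr;
    uint64_t payload[TOY_PAYLOAD_WORDS];
};

/* Per-task FPU state in the toy model. */
struct toy_task_fpu {
    struct toy_xstate state;
    bool initialized;
};

/* Header validation: unknown feature bits or non-zero reserved words make
 * the header bogus. This models the -EINVAL path the mail describes. */
static int toy_validate_header(const struct toy_xstate_header *hdr)
{
    if (hdr->xfeatures & ~TOY_SUPPORTED_FEATURES)
        return -EINVAL;
    for (size_t i = 0; i < 3; i++)
        if (hdr->reserved[i])
            return -EINVAL;
    return 0;
}

/* Stand-in for copy_from_user(): a NULL source models an unmapped user
 * address and yields -EFAULT, otherwise the bytes are copied. */
static int toy_copy_from_user(void *dst, const void *usrc, size_t len)
{
    if (!usrc)
        return -EFAULT;
    memcpy(dst, usrc, len);
    return 0;
}

/* Pattern the mail asks for: copy into a kernel scratch buffer, validate,
 * and only then commit. On any failure the target task is untouched and
 * the error is simply handed back to the caller. */
int toy_restore_xstate_from_user(struct toy_task_fpu *fpu, const void *ubuf)
{
    struct toy_xstate tmp;
    int ret;

    ret = toy_copy_from_user(&tmp, ubuf, sizeof(tmp));
    if (ret)
        return ret;             /* -EFAULT, fpu unchanged */

    ret = toy_validate_header(&tmp.hdr);
    if (ret)
        return ret;             /* -EINVAL, fpu unchanged */

    fpu->state = tmp;           /* commit only after both checks passed */
    fpu->initialized = true;
    return 0;
}

/* Behaviour the mail objects to: copy straight into the task and reset all
 * of its state (fpstate_init()-like) when anything fails, so a bogus buffer
 * from the ptracer destroys state that was perfectly valid before. */
int toy_restore_xstate_clobbering(struct toy_task_fpu *fpu, const void *ubuf)
{
    int ret = toy_copy_from_user(&fpu->state, ubuf, sizeof(fpu->state));

    if (ret == 0)
        ret = toy_validate_header(&fpu->state.hdr);
    if (ret) {
        memset(&fpu->state, 0, sizeof(fpu->state));
        fpu->initialized = false;
    }
    return ret;
}

int main(void)
{
    struct toy_task_fpu fpu = { .initialized = true };
    struct toy_xstate bad = { .hdr.xfeatures = 0x8 };   /* constructed: unsupported bit 3 */

    fpu.state.payload[0] = 42;
    printf("scratch-buffer restore: ret=%d payload[0]=%llu\n",
           toy_restore_xstate_from_user(&fpu, &bad),
           (unsigned long long)fpu.state.payload[0]);
    printf("clobbering restore:     ret=%d payload[0]=%llu\n",
           toy_restore_xstate_clobbering(&fpu, &bad),
           (unsigned long long)fpu.state.payload[0]);
    return 0;
}
```

Both paths return -EINVAL for the same bad header; the difference is that the scratch-buffer version leaves payload[0] at 42 while the clobbering version zeroes it and marks the task's state uninitialized.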