On Tue, Jun 22, 2021 at 10:03:03PM +0200, Thomas Gleixner wrote:
> On Tue, Jun 22 2021 at 12:17, Greg KH wrote:
>
> > On Mon, Jun 21, 2021 at 07:45:02PM +0200, Borislav Petkov wrote:
> >> On Mon, Jun 21, 2021 at 12:52:12PM +0200, gregkh@xxxxxxxxxxxxxxxxxxx wrote:
> >> >
> >> > The patch below does not apply to the 4.4-stable tree.
> >> > If someone wants it applied there, or to any other stable or longterm
> >> > tree, then please email the backport, including the original git commit
> >> > id to <stable@xxxxxxxxxxxxxxx>.
> >>
> >> Ok, how's this below?
> >>
> >> It should at least capture the gist of what this commit is trying to
> >> achieve as the FPU mess has changed substantially since 4.4 so I'm
> >> really cautious here not to break any existing setups.
> >>
> >> I've boot-tested this in a VM but Greg, I'd appreciate running it
> >> through some sort of stable testing framework if you're using one.
> >
> > This applied to 4.4.y and 4.9.y, but we still need a 4.14.y and 4.19.y
> > version if at all possible.
>
> Everything is possible :)
>
> ---
> Subject: x86/fpu: Reset state for all signal restore failures
> From: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Date: Wed Jun 9 21:18:00 2021 +0200
>
> From: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
>
> commit efa165504943f2128d50f63de0c02faf6dcceb0d upstream
>
> If access_ok() or fpregs_soft_set() fails in __fpu__restore_sig() then the
> function just returns but does not clear the FPU state as it does for all
> other fatal failures.
>
> Clear the FPU state for these failures as well.
>
> Fixes: 72a671ced66d ("x86, fpu: Unify signal handling code paths for x86 and x86_64 kernels")
> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Signed-off-by: Borislav Petkov <bp@xxxxxxx>
> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx
> Link: https://lkml.kernel.org/r/87mtryyhhz.ffs@xxxxxxxxxxxxxxxxxxxxxxx
>
> ---
> arch/x86/kernel/fpu/signal.c | 30 +++++++++++++++++++-----------
> 1 file changed, 19 insertions(+), 11 deletions(-)
> ---
> --- a/arch/x86/kernel/fpu/signal.c
> +++ b/arch/x86/kernel/fpu/signal.c
> @@ -281,15 +281,21 @@ static int __fpu__restore_sig(void __use
> return 0;
> }
>
> - if (!access_ok(VERIFY_READ, buf, size))
> - return -EACCES;
> + if (!access_ok(VERIFY_READ, buf, size)) {
> + ret = -EACCES;
> + goto out_err;
> + }
>
> fpu__initialize(fpu);
>
> - if (!static_cpu_has(X86_FEATURE_FPU))
> - return fpregs_soft_set(current, NULL,
> - 0, sizeof(struct user_i387_ia32_struct),
> - NULL, buf) != 0;
> + if (!static_cpu_has(X86_FEATURE_FPU)) {
> + ret = fpregs_soft_set(current, NULL,
> + 0, sizeof(struct user_i387_ia32_struct),
> + NULL, buf) != 0;
> + if (ret)
> + goto out_err;
> + return 0;
> + }
>
> if (use_xsave()) {
> struct _fpx_sw_bytes fx_sw_user;
> @@ -349,6 +355,7 @@ static int __fpu__restore_sig(void __use
> fpu__restore(fpu);
> local_bh_enable();
>
> + /* Failure is already handled */
> return err;
> } else {
> /*
> @@ -356,13 +363,14 @@ static int __fpu__restore_sig(void __use
> * state to the registers directly (with exceptions handled).
> */
> user_fpu_begin();
> - if (copy_user_to_fpregs_zeroing(buf_fx, xfeatures, fx_only)) {
> - fpu__clear(fpu);
> - return -1;
> - }
> + if (!copy_user_to_fpregs_zeroing(buf_fx, xfeatures, fx_only))
> + return 0;
> + ret = -1;
> }
>
> - return 0;
> +out_err:
> + fpu__clear(fpu);
> + return ret;
> }
>
> static inline int xstate_sigframe_size(void)
Hm, did you build this?
I get the following build error:
arch/x86/kernel/fpu/signal.c: In function ‘__fpu__restore_sig’:
arch/x86/kernel/fpu/signal.c:285:17: error: ‘ret’ undeclared (first use in this function); did you mean ‘net’?
285 | ret = -EACCES;
| ^~~
| net
arch/x86/kernel/fpu/signal.c:285:17: note: each undeclared identifier is reported only once for each function it appears in
arch/x86/kernel/fpu/signal.c:374:1: warning: control reaches end of non-void function [-Wreturn-type]
374 | }
| ^
I'll fix it up, it's an "obvious" change :)
thanks,
greg k-h
