lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20220922200034.23759-4-chang.seok.bae@intel.com>
Date:   Thu, 22 Sep 2022 13:00:33 -0700
From:   "Chang S. Bae" <chang.seok.bae@...el.com>
To:     linux-kernel@...r.kernel.org
Cc:     x86@...nel.org, tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
        dave.hansen@...ux.intel.com, hpa@...or.com, avagin@...il.com,
        seanjc@...gle.com, chang.seok.bae@...el.com, kvm@...r.kernel.org
Subject: [PATCH v2 3/4] x86/fpu: Disallow legacy states from fpstate_clear_xstate_component()

Commit 087df48c298c ("x86/fpu: Replace KVMs xstate component clearing")
refactored the MPX state clearing code.

But, legacy states are not warranted in this routine:
- It presumes every state is contiguous but that's not true for the legacy
  states. While MXCSR belongs to SSE, the state is located in the XSAVE
  buffer as surrounded by FP states.
- Also, zeroing out legacy states is not meaningful as their init state is
  non-zero.

It is possible to adjust the code to support them. Then, there is no use
for clearing legacy states yet. To make it simple, explicitly disallow
legacy states.

Signed-off-by: Chang S. Bae <chang.seok.bae@...el.com>
Cc: x86@...nel.org
Cc: kvm@...r.kernel.org
Cc: linux-kernel@...r.kernel.org
---
Changes from v1 (Sean Christopherson):
* Revert the name change.
* Add a warning.
* Update title/changelog.
---
 arch/x86/kernel/fpu/xstate.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index d7676cfc32eb..a3f7045d1f8e 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -1375,6 +1375,15 @@ void fpstate_clear_xstate_component(struct fpstate *fps, unsigned int xfeature)
 {
 	void *addr = get_xsave_addr(&fps->regs.xsave, xfeature);
 
+	/*
+	 * Allow extended states only, because:
+	 * (1) Each legacy state is not contiguously located in the buffer.
+	 * (2) Zeroing those states is not meaningful as their init states
+	 *     are not zero.
+	 */
+	if (WARN_ON_ONCE(xfeature <= XFEATURE_SSE))
+		return;
+
 	if (addr)
 		memset(addr, 0, xstate_sizes[xfeature]);
 }
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ