git.monstr.eu Git - linux-2.6-microblaze.git/commit

author	Thomas Gleixner <tglx@linutronix.de>
	Wed, 23 Jun 2021 12:01:28 +0000 (14:01 +0200)
committer	Borislav Petkov <bp@suse.de>
	Wed, 23 Jun 2021 15:49:45 +0000 (17:49 +0200)
commit	9625895011d130033d1bc7aac0d77a9bf68ff8a6
tree	e73b40a6dcb458302a7b8609e824eddb8177c84b	tree \| snapshot
parent	c4cf5f61982e35348f522464010445efcc0aeb60	commit \| diff

x86/fpu: Fix copy_xstate_to_kernel() gap handling

The gap handling in copy_xstate_to_kernel() is wrong when XSAVES is in
use.

Using init_fpstate for copying the init state of features which are
not set in the xstate header is only correct for the legacy area, but
not for the extended features area because when XSAVES is in use then
init_fpstate is in compacted form which means the xstate offsets which
are used to copy from init_fpstate are not valid.

Fortunately, this is not a real problem today because all extended
features in use have an all-zeros init state, but it is wrong
nevertheless and with a potentially dynamically sized init_fpstate this
would result in an access outside of the init_fpstate.

Fix this by keeping track of the last copied state in the target buffer and
explicitly zero it when there is a feature or alignment gap.

Use the compacted offset when accessing the extended feature space in
init_fpstate.

As this is not a functional issue on older kernels this is intentionally
not tagged for stable.

Fixes: b8be15d58806 ("x86/fpu/xstate: Re-enable XSAVES")
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20210623121451.294282032@linutronix.de