x86/fpu: Mask PKRU from kernel XRSTOR[S] operations

KAGA-KOKO · suryasaimadhu · commit 30a304a13873 · 2021-06-23T19:47:35.000+02:00
As the PKRU state is managed separately restoring it from the xstate buffer would be counterproductive as it might either restore a stale value or reinit the PKRU state to 0. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Borislav Petkov <bp@suse.de> Reviewed-by: Borislav Petkov <bp@suse.de> Link: https://lkml.kernel.org/r/20210623121456.606745195@linutronix.de
diff --git a/arch/x86/include/asm/fpu/internal.h b/arch/x86/include/asm/fpu/internal.h
@@ -259,7 +259,7 @@ static inline void fxsave(struct fxregs_state *fx)
  */
 static inline void os_xrstor_booting(struct xregs_state *xstate)
 {
-	u64 mask = -1;
+	u64 mask = xfeatures_mask_fpstate();
 	u32 lmask = mask;
 	u32 hmask = mask >> 32;
 	int err;
@@ -388,7 +388,7 @@ extern void __restore_fpregs_from_fpstate(union fpregs_state *fpstate, u64 mask)
 
 static inline void restore_fpregs_from_fpstate(union fpregs_state *fpstate)
 {
-	__restore_fpregs_from_fpstate(fpstate, -1);
+	__restore_fpregs_from_fpstate(fpstate, xfeatures_mask_fpstate());
 }
 
 extern int copy_fpstate_to_sigframe(void __user *buf, void __user *fp, int size);
diff --git a/arch/x86/include/asm/fpu/xstate.h b/arch/x86/include/asm/fpu/xstate.h
@@ -111,6 +111,16 @@ static inline u64 xfeatures_mask_restore_user(void)
 	return xfeatures_mask_all & XFEATURE_MASK_USER_RESTORE;
 }
 
+/*
+ * Like xfeatures_mask_restore_user() but additionally restors the
+ * supported supervisor states.
+ */
+static inline u64 xfeatures_mask_fpstate(void)
+{
+	return xfeatures_mask_all & \
+		(XFEATURE_MASK_USER_RESTORE | XFEATURE_MASK_SUPERVISOR_SUPPORTED);
+}
+
 static inline u64 xfeatures_mask_independent(void)
 {
 	if (!boot_cpu_has(X86_FEATURE_ARCH_LBR))
diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
@@ -60,6 +60,7 @@ static short xsave_cpuid_features[] __initdata = {
  * XSAVE buffer, both supervisor and user xstates.
  */
 u64 xfeatures_mask_all __ro_after_init;
+EXPORT_SYMBOL_GPL(xfeatures_mask_all);
 
 static unsigned int xstate_offsets[XFEATURE_MAX] __ro_after_init =
 	{ [ 0 ... XFEATURE_MAX - 1] = -1};
diff --git a/arch/x86/mm/extable.c b/arch/x86/mm/extable.c
@@ -65,7 +65,7 @@ __visible bool ex_handler_fprestore(const struct exception_table_entry *fixup,
 	WARN_ONCE(1, "Bad FPU state detected at %pB, reinitializing FPU registers.",
 		  (void *)instruction_pointer(regs));
 
-	__restore_fpregs_from_fpstate(&init_fpstate, -1);
+	__restore_fpregs_from_fpstate(&init_fpstate, xfeatures_mask_fpstate());
 	return true;
 }
 EXPORT_SYMBOL_GPL(ex_handler_fprestore);

Original file line number	Diff line number	Diff line change
`@@ -259,7 +259,7 @@ static inline void fxsave(struct fxregs_state *fx)`
`259`	`259`	`*/`
`260`	`260`	`static inline void os_xrstor_booting(struct xregs_state *xstate)`
`261`	`261`	`{`
`262`		`- u64 mask = -1;`
	`262`	`+ u64 mask = xfeatures_mask_fpstate();`
`263`	`263`	`u32 lmask = mask;`
`264`	`264`	`u32 hmask = mask >> 32;`
`265`	`265`	`int err;`
`@@ -388,7 +388,7 @@ extern void __restore_fpregs_from_fpstate(union fpregs_state *fpstate, u64 mask)`
`388`	`388`
`389`	`389`	`static inline void restore_fpregs_from_fpstate(union fpregs_state *fpstate)`
`390`	`390`	`{`
`391`		`- __restore_fpregs_from_fpstate(fpstate, -1);`
	`391`	`+ __restore_fpregs_from_fpstate(fpstate, xfeatures_mask_fpstate());`
`392`	`392`	`}`
`393`	`393`
`394`	`394`	`extern int copy_fpstate_to_sigframe(void __user buf, void __user fp, int size);`
Original file line number	Diff line number	Diff line change
`@@ -65,7 +65,7 @@ __visible bool ex_handler_fprestore(const struct exception_table_entry *fixup,`
`65`	`65`	`WARN_ONCE(1, "Bad FPU state detected at %pB, reinitializing FPU registers.",`
`66`	`66`	`(void *)instruction_pointer(regs));`
`67`	`67`
`68`		`- __restore_fpregs_from_fpstate(&init_fpstate, -1);`
	`68`	`+ __restore_fpregs_from_fpstate(&init_fpstate, xfeatures_mask_fpstate());`
`69`	`69`	`return true;`
`70`	`70`	`}`
`71`	`71`	`EXPORT_SYMBOL_GPL(ex_handler_fprestore);`