x86/fpu/xstate: Fix PTRACE frames for XSAVES

XSAVES uses compacted format and is a kernel instruction. The kernel should use standard-format, non-supervisor state data for PTRACE. Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com> [ Edited away artificial linebreaks. ] Reviewed-by: Dave Hansen <dave.hansen@intel.com> Cc: Andy Lutomirski <luto@kernel.org> Cc: Borislav Petkov <bp@alien8.de> Cc: Brian Gerst <brgerst@gmail.com> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: Denys Vlasenko <dvlasenk@redhat.com> Cc: Fenghua Yu <fenghua.yu@intel.com> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Quentin Casasnovas <quentin.casasnovas@oracle.com> Cc: Ravi V. Shankar <ravi.v.shankar@intel.com> Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com> Cc: Thomas Gleixner <tglx@linutronix.de> Link: http://lkml.kernel.org/r/de3d80949001305fe389799973b675cab055c457.1466179491.git.yu-cheng.yu@intel.com [ Made various readability edits. ] Signed-off-by: Ingo Molnar <mingo@kernel.org>
author: Yu-cheng Yu <yu-cheng.yu@intel.com> 2016-06-17 16:07:17 -0400
committer: Ingo Molnar <mingo@kernel.org> 2016-07-10 11:12:10 -0400
commit: 91c3dba7dbc199191272f4a9863f86ea3bfd679f (patch)
tree: c92ab248b7ea1261f4b8ba209e005a389bc7efb9
parent: 1499ce2dd45afddea2e84f9f920890cf88384c4e (diff)
3 files changed, 216 insertions, 24 deletions
diff --git a/arch/x86/include/asm/fpu/xstate.h b/arch/x86/include/asm/fpu/xstate.h
index 92f376ccc999..ae55a43e09c0 100644
--- a/arch/x86/include/asm/fpu/xstate.h
+++ b/arch/x86/include/asm/fpu/xstate.h
@@ -51,5 +51,8 @@ void fpu__xstate_clear_all_cpu_caps(void);
 void *get_xsave_addr(struct xregs_state *xsave, int xstate);
 const void *get_xsave_field_ptr(int xstate_field);
 int using_compacted_format(void);
+int copyout_from_xsaves(unsigned int pos, unsigned int count, void *kbuf,
+                        void __user *ubuf, struct xregs_state *xsave);
+int copyin_to_xsaves(const void *kbuf, const void __user *ubuf,
+                     struct xregs_state *xsave);
 #endif
diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c
index 81422dfb152b..c114b132d121 100644
--- a/arch/x86/kernel/fpu/regset.c
+++ b/arch/x86/kernel/fpu/regset.c
@@ -4,6 +4,7 @@
 #include <asm/fpu/internal.h>
 #include <asm/fpu/signal.h>
 #include <asm/fpu/regset.h>
+#include <asm/fpu/xstate.h>
 /*
 * The xstateregs_active() routine is the same as the regset_fpregs_active() routine,
@@ -85,21 +86,26 @@ int xstateregs_get(struct task_struct *target, const struct user_regset *regset,
        if (!boot_cpu_has(X86_FEATURE_XSAVE))
                return -ENODEV;
-        fpu__activate_fpstate_read(fpu);
        xsave = &fpu->state.xsave;
-        /*
+        fpu__activate_fpstate_read(fpu);
-         * Copy the 48bytes defined by the software first into the xstate
-         * memory layout in the thread struct, so that we can copy the entire
+        if (using_compacted_format()) {
-         * xstateregs to the user using one user_regset_copyout().
+                ret = copyout_from_xsaves(pos, count, kbuf, ubuf, xsave);
-         */
+        } else {
-        memcpy(&xsave->i387.sw_reserved,
+                fpstate_sanitize_xstate(fpu);
-                xstate_fx_sw_bytes, sizeof(xstate_fx_sw_bytes));
+                /*
-        /*
+                 * Copy the 48 bytes defined by the software into the xsave
-         * Copy the xstate memory layout.
+                 * area in the thread struct, so that we can copy the whole
-         */
+                 * area to user using one user_regset_copyout().
-        ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, xsave, 0, -1);
+                 */
+                memcpy(&xsave->i387.sw_reserved, xstate_fx_sw_bytes, sizeof(xstate_fx_sw_bytes));
+                /*
+                 * Copy the xstate memory layout.
+                 */
+                ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, xsave, 0, -1);
+        }
        return ret;
 }
@@ -114,11 +120,27 @@ int xstateregs_set(struct task_struct *target, const struct user_regset *regset,
        if (!boot_cpu_has(X86_FEATURE_XSAVE))
                return -ENODEV;
-        fpu__activate_fpstate_write(fpu);
+        /*
+         * A whole standard-format XSAVE buffer is needed:
+         */
+        if ((pos != 0) || (count < fpu_user_xstate_size))
+                return -EFAULT;
        xsave = &fpu->state.xsave;
-        ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, xsave, 0, -1);
+        fpu__activate_fpstate_write(fpu);
+        if (boot_cpu_has(X86_FEATURE_XSAVES))
+                ret = copyin_to_xsaves(kbuf, ubuf, xsave);
+        else
+                ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, xsave, 0, -1);
+        /*
+         * In case of failure, mark all states as init:
+         */
+        if (ret)
+                fpstate_init(&fpu->state);
        /*
         * mxcsr reserved bits must be masked to zero for security reasons.
         */
diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index 02786fb7a1e8..56c0e707af21 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -11,6 +11,7 @@
 #include <asm/fpu/internal.h>
 #include <asm/fpu/signal.h>
 #include <asm/fpu/regset.h>
+#include <asm/fpu/xstate.h>
 #include <asm/tlbflush.h>
@@ -697,7 +698,12 @@ void __init fpu__init_system_xstate(void)
                return;
        }
-        update_regset_xstate_info(fpu_kernel_xstate_size, xfeatures_mask);
+        /*
+         * Update info used for ptrace frames; use standard-format size and no
+         * supervisor xstates:
+         */
+        update_regset_xstate_info(fpu_user_xstate_size, xfeatures_mask & ~XFEATURE_MASK_SUPERVISOR);
        fpu__init_prepare_fx_sw_frame();
        setup_init_fpu_buf();
        setup_xstate_comp();
@@ -925,16 +931,16 @@ int arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
        if (!boot_cpu_has(X86_FEATURE_OSPKE))
                return -EINVAL;
-        /* Set the bits we need in PKRU  */
+        /* Set the bits we need in PKRU:  */
        if (init_val & PKEY_DISABLE_ACCESS)
                new_pkru_bits |= PKRU_AD_BIT;
        if (init_val & PKEY_DISABLE_WRITE)
                new_pkru_bits |= PKRU_WD_BIT;
-        /* Shift the bits in to the correct place in PKRU for pkey. */
+        /* Shift the bits in to the correct place in PKRU for pkey: */
        new_pkru_bits <<= pkey_shift;
-        /* Locate old copy of the state in the xsave buffer */
+        /* Locate old copy of the state in the xsave buffer: */
        old_pkru_state = get_xsave_addr(xsave, XFEATURE_MASK_PKRU);
        /*
@@ -947,9 +953,10 @@ int arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
        else
                new_pkru_state.pkru = old_pkru_state->pkru;
-        /* mask off any old bits in place */
+        /* Mask off any old bits in place: */
        new_pkru_state.pkru &= ~((PKRU_AD_BIT|PKRU_WD_BIT) << pkey_shift);
-        /* Set the newly-requested bits */
+        /* Set the newly-requested bits: */
        new_pkru_state.pkru |= new_pkru_bits;
        /*
@@ -963,8 +970,168 @@ int arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
         */
        new_pkru_state.pad = 0;
-        fpu__xfeature_set_state(XFEATURE_MASK_PKRU, &new_pkru_state,
+        fpu__xfeature_set_state(XFEATURE_MASK_PKRU, &new_pkru_state, sizeof(new_pkru_state));
-                        sizeof(new_pkru_state));
+        return 0;
+}
+/*
+ * This is similar to user_regset_copyout(), but will not add offset to
+ * the source data pointer or increment pos, count, kbuf, and ubuf.
+ */
+static inline int xstate_copyout(unsigned int pos, unsigned int count,
+                                 void *kbuf, void __user *ubuf,
+                                 const void *data, const int start_pos,
+                                 const int end_pos)
+{
+        if ((count == 0) || (pos < start_pos))
+                return 0;
+        if (end_pos < 0 || pos < end_pos) {
+                unsigned int copy = (end_pos < 0 ? count : min(count, end_pos - pos));
+                if (kbuf) {
+                        memcpy(kbuf + pos, data, copy);
+                } else {
+                        if (__copy_to_user(ubuf + pos, data, copy))
+                                return -EFAULT;
+                }
+        }
+        return 0;
+}
+/*
+ * Convert from kernel XSAVES compacted format to standard format and copy
+ * to a ptrace buffer. It supports partial copy but pos always starts from
+ * zero. This is called from xstateregs_get() and there we check the CPU
+ * has XSAVES.
+ */
+int copyout_from_xsaves(unsigned int pos, unsigned int count, void *kbuf,
+                        void __user *ubuf, struct xregs_state *xsave)
+{
+        unsigned int offset, size;
+        int ret, i;
+        struct xstate_header header;
+        /*
+         * Currently copy_regset_to_user() starts from pos 0:
+         */
+        if (unlikely(pos != 0))
+                return -EFAULT;
+        /*
+         * The destination is a ptrace buffer; we put in only user xstates:
+         */
+        memset(&header, 0, sizeof(header));
+        header.xfeatures = xsave->header.xfeatures;
+        header.xfeatures &= ~XFEATURE_MASK_SUPERVISOR;
+        /*
+         * Copy xregs_state->header:
+         */
+        offset = offsetof(struct xregs_state, header);
+        size = sizeof(header);
+        ret = xstate_copyout(offset, size, kbuf, ubuf, &header, 0, count);
+        if (ret)
+                return ret;
+        for (i = 0; i < XFEATURE_MAX; i++) {
+                /*
+                 * Copy only in-use xstates:
+                 */
+                if ((header.xfeatures >> i) & 1) {
+                        void *src = __raw_xsave_addr(xsave, 1 << i);
+                        offset = xstate_offsets[i];
+                        size = xstate_sizes[i];
+                        ret = xstate_copyout(offset, size, kbuf, ubuf, src, 0, count);
+                        if (ret)
+                                return ret;
+                        if (offset + size >= count)
+                                break;
+                }
+        }
+        /*
+         * Fill xsave->i387.sw_reserved value for ptrace frame:
+         */
+        offset = offsetof(struct fxregs_state, sw_reserved);
+        size = sizeof(xstate_fx_sw_bytes);
+        ret = xstate_copyout(offset, size, kbuf, ubuf, xstate_fx_sw_bytes, 0, count);
+        if (ret)
+                return ret;
+        return 0;
+}
+/*
+ * Convert from a ptrace standard-format buffer to kernel XSAVES format
+ * and copy to the target thread. This is called from xstateregs_set() and
+ * there we check the CPU has XSAVES and a whole standard-sized buffer
+ * exists.
+ */
+int copyin_to_xsaves(const void *kbuf, const void __user *ubuf,
+                     struct xregs_state *xsave)
+{
+        unsigned int offset, size;
+        int i;
+        u64 xfeatures;
+        u64 allowed_features;
+        offset = offsetof(struct xregs_state, header);
+        size = sizeof(xfeatures);
+        if (kbuf) {
+                memcpy(&xfeatures, kbuf + offset, size);
+        } else {
+                if (__copy_from_user(&xfeatures, ubuf + offset, size))
+                        return -EFAULT;
+        }
+        /*
+         * Reject if the user sets any disabled or supervisor features:
+         */
+        allowed_features = xfeatures_mask & ~XFEATURE_MASK_SUPERVISOR;
+        if (xfeatures & ~allowed_features)
+                return -EINVAL;
+        for (i = 0; i < XFEATURE_MAX; i++) {
+                u64 mask = ((u64)1 << i);
+                if (xfeatures & mask) {
+                        void *dst = __raw_xsave_addr(xsave, 1 << i);
+                        offset = xstate_offsets[i];
+                        size = xstate_sizes[i];
+                        if (kbuf) {
+                                memcpy(dst, kbuf + offset, size);
+                        } else {
+                                if (__copy_from_user(dst, ubuf + offset, size))
+                                        return -EFAULT;
+                        }
+                }
+        }
+        /*
+         * The state that came in from userspace was user-state only.
+         * Mask all the user states out of 'xfeatures':
+         */
+        xsave->header.xfeatures &= XFEATURE_MASK_SUPERVISOR;
+        /*
+         * Add back in the features that came in from userspace:
+         */
+        xsave->header.xfeatures |= xfeatures;
        return 0;
 }
author	Yu-cheng Yu <yu-cheng.yu@intel.com>	2016-06-17 16:07:17 -0400
committer	Ingo Molnar <mingo@kernel.org>	2016-07-10 11:12:10 -0400
commit	91c3dba7dbc199191272f4a9863f86ea3bfd679f (patch)
tree	c92ab248b7ea1261f4b8ba209e005a389bc7efb9
parent	1499ce2dd45afddea2e84f9f920890cf88384c4e (diff)

diff --git a/arch/x86/include/asm/fpu/xstate.h b/arch/x86/include/asm/fpu/xstate.h index 92f376ccc999..ae55a43e09c0 100644 --- a/arch/x86/include/asm/fpu/xstate.h +++ b/arch/x86/include/asm/fpu/xstate.h
@@ -51,5 +51,8 @@ void fpu__xstate_clear_all_cpu_caps(void);
51	void get_xsave_addr(struct xregs_state xsave, int xstate);	51	void get_xsave_addr(struct xregs_state xsave, int xstate);
52	const void *get_xsave_field_ptr(int xstate_field);	52	const void *get_xsave_field_ptr(int xstate_field);
53	int using_compacted_format(void);	53	int using_compacted_format(void);
54		54	int copyout_from_xsaves(unsigned int pos, unsigned int count, void *kbuf,
		55	void __user ubuf, struct xregs_state xsave);
		56	int copyin_to_xsaves(const void kbuf, const void __user ubuf,
		57	struct xregs_state *xsave);
55	#endif	58	#endif


diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c index 81422dfb152b..c114b132d121 100644 --- a/arch/x86/kernel/fpu/regset.c +++ b/arch/x86/kernel/fpu/regset.c
@@ -4,6 +4,7 @@
4	#include <asm/fpu/internal.h>	4	#include <asm/fpu/internal.h>
5	#include <asm/fpu/signal.h>	5	#include <asm/fpu/signal.h>
6	#include <asm/fpu/regset.h>	6	#include <asm/fpu/regset.h>
		7	#include <asm/fpu/xstate.h>
7		8
8	/*	9	/*
9	* The xstateregs_active() routine is the same as the regset_fpregs_active() routine,	10	* The xstateregs_active() routine is the same as the regset_fpregs_active() routine,
@@ -85,21 +86,26 @@ int xstateregs_get(struct task_struct target, const struct user_regset regset,
85	if (!boot_cpu_has(X86_FEATURE_XSAVE))	86	if (!boot_cpu_has(X86_FEATURE_XSAVE))
86	return -ENODEV;	87	return -ENODEV;
87		88
88	fpu__activate_fpstate_read(fpu);
89
90	xsave = &fpu->state.xsave;	89	xsave = &fpu->state.xsave;
91		90
92	/*	91	fpu__activate_fpstate_read(fpu);
93	* Copy the 48bytes defined by the software first into the xstate	92
94	* memory layout in the thread struct, so that we can copy the entire	93	if (using_compacted_format()) {
95	* xstateregs to the user using one user_regset_copyout().	94	ret = copyout_from_xsaves(pos, count, kbuf, ubuf, xsave);
96	*/	95	} else {
97	memcpy(&xsave->i387.sw_reserved,	96	fpstate_sanitize_xstate(fpu);
98	xstate_fx_sw_bytes, sizeof(xstate_fx_sw_bytes));	97	/*
99	/*	98	* Copy the 48 bytes defined by the software into the xsave
100	* Copy the xstate memory layout.	99	* area in the thread struct, so that we can copy the whole
101	*/	100	* area to user using one user_regset_copyout().
102	ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, xsave, 0, -1);	101	*/
		102	memcpy(&xsave->i387.sw_reserved, xstate_fx_sw_bytes, sizeof(xstate_fx_sw_bytes));
		103
		104	/*
		105	* Copy the xstate memory layout.
		106	*/
		107	ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, xsave, 0, -1);
		108	}
103	return ret;	109	return ret;
104	}	110	}
105		111
@@ -114,11 +120,27 @@ int xstateregs_set(struct task_struct target, const struct user_regset regset,
114	if (!boot_cpu_has(X86_FEATURE_XSAVE))	120	if (!boot_cpu_has(X86_FEATURE_XSAVE))
115	return -ENODEV;	121	return -ENODEV;
116		122
117	fpu__activate_fpstate_write(fpu);	123	/*
		124	* A whole standard-format XSAVE buffer is needed:
		125	*/
		126	if ((pos != 0) \|\| (count < fpu_user_xstate_size))
		127	return -EFAULT;
118		128
119	xsave = &fpu->state.xsave;	129	xsave = &fpu->state.xsave;
120		130
121	ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, xsave, 0, -1);	131	fpu__activate_fpstate_write(fpu);
		132
		133	if (boot_cpu_has(X86_FEATURE_XSAVES))
		134	ret = copyin_to_xsaves(kbuf, ubuf, xsave);
		135	else
		136	ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, xsave, 0, -1);
		137
		138	/*
		139	* In case of failure, mark all states as init:
		140	*/
		141	if (ret)
		142	fpstate_init(&fpu->state);
		143
122	/*	144	/*
123	* mxcsr reserved bits must be masked to zero for security reasons.	145	* mxcsr reserved bits must be masked to zero for security reasons.
124	*/	146	*/


diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c index 02786fb7a1e8..56c0e707af21 100644 --- a/arch/x86/kernel/fpu/xstate.c +++ b/arch/x86/kernel/fpu/xstate.c
@@ -11,6 +11,7 @@
11	#include <asm/fpu/internal.h>	11	#include <asm/fpu/internal.h>
12	#include <asm/fpu/signal.h>	12	#include <asm/fpu/signal.h>
13	#include <asm/fpu/regset.h>	13	#include <asm/fpu/regset.h>
		14	#include <asm/fpu/xstate.h>
14		15
15	#include <asm/tlbflush.h>	16	#include <asm/tlbflush.h>
16		17
@@ -697,7 +698,12 @@ void __init fpu__init_system_xstate(void)
697	return;	698	return;
698	}	699	}
699		700
700	update_regset_xstate_info(fpu_kernel_xstate_size, xfeatures_mask);	701	/*
		702	* Update info used for ptrace frames; use standard-format size and no
		703	* supervisor xstates:
		704	*/
		705	update_regset_xstate_info(fpu_user_xstate_size, xfeatures_mask & ~XFEATURE_MASK_SUPERVISOR);
		706
701	fpu__init_prepare_fx_sw_frame();	707	fpu__init_prepare_fx_sw_frame();
702	setup_init_fpu_buf();	708	setup_init_fpu_buf();
703	setup_xstate_comp();	709	setup_xstate_comp();
@@ -925,16 +931,16 @@ int arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
925	if (!boot_cpu_has(X86_FEATURE_OSPKE))	931	if (!boot_cpu_has(X86_FEATURE_OSPKE))
926	return -EINVAL;	932	return -EINVAL;
927		933
928	/* Set the bits we need in PKRU */	934	/* Set the bits we need in PKRU: */
929	if (init_val & PKEY_DISABLE_ACCESS)	935	if (init_val & PKEY_DISABLE_ACCESS)
930	new_pkru_bits \|= PKRU_AD_BIT;	936	new_pkru_bits \|= PKRU_AD_BIT;
931	if (init_val & PKEY_DISABLE_WRITE)	937	if (init_val & PKEY_DISABLE_WRITE)
932	new_pkru_bits \|= PKRU_WD_BIT;	938	new_pkru_bits \|= PKRU_WD_BIT;
933		939
934	/* Shift the bits in to the correct place in PKRU for pkey. */	940	/* Shift the bits in to the correct place in PKRU for pkey: */
935	new_pkru_bits <<= pkey_shift;	941	new_pkru_bits <<= pkey_shift;
936		942
937	/* Locate old copy of the state in the xsave buffer */	943	/* Locate old copy of the state in the xsave buffer: */
938	old_pkru_state = get_xsave_addr(xsave, XFEATURE_MASK_PKRU);	944	old_pkru_state = get_xsave_addr(xsave, XFEATURE_MASK_PKRU);
939		945
940	/*	946	/*
@@ -947,9 +953,10 @@ int arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
947	else	953	else
948	new_pkru_state.pkru = old_pkru_state->pkru;	954	new_pkru_state.pkru = old_pkru_state->pkru;
949		955
950	/* mask off any old bits in place */	956	/* Mask off any old bits in place: */
951	new_pkru_state.pkru &= ~((PKRU_AD_BIT\|PKRU_WD_BIT) << pkey_shift);	957	new_pkru_state.pkru &= ~((PKRU_AD_BIT\|PKRU_WD_BIT) << pkey_shift);
952	/* Set the newly-requested bits */	958
		959	/* Set the newly-requested bits: */
953	new_pkru_state.pkru \|= new_pkru_bits;	960	new_pkru_state.pkru \|= new_pkru_bits;
954		961
955	/*	962	/*
@@ -963,8 +970,168 @@ int arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
963	*/	970	*/
964	new_pkru_state.pad = 0;	971	new_pkru_state.pad = 0;
965		972
966	fpu__xfeature_set_state(XFEATURE_MASK_PKRU, &new_pkru_state,	973	fpu__xfeature_set_state(XFEATURE_MASK_PKRU, &new_pkru_state, sizeof(new_pkru_state));
967	sizeof(new_pkru_state));	974
		975	return 0;
		976	}
		977
		978	/*
		979	* This is similar to user_regset_copyout(), but will not add offset to
		980	* the source data pointer or increment pos, count, kbuf, and ubuf.
		981	*/
		982	static inline int xstate_copyout(unsigned int pos, unsigned int count,
		983	void kbuf, void __user ubuf,
		984	const void *data, const int start_pos,
		985	const int end_pos)
		986	{
		987	if ((count == 0) \|\| (pos < start_pos))
		988	return 0;
		989
		990	if (end_pos < 0 \|\| pos < end_pos) {
		991	unsigned int copy = (end_pos < 0 ? count : min(count, end_pos - pos));
		992
		993	if (kbuf) {
		994	memcpy(kbuf + pos, data, copy);
		995	} else {
		996	if (__copy_to_user(ubuf + pos, data, copy))
		997	return -EFAULT;
		998	}
		999	}
		1000	return 0;
		1001	}
		1002
		1003	/*
		1004	* Convert from kernel XSAVES compacted format to standard format and copy
		1005	* to a ptrace buffer. It supports partial copy but pos always starts from
		1006	* zero. This is called from xstateregs_get() and there we check the CPU
		1007	* has XSAVES.
		1008	*/
		1009	int copyout_from_xsaves(unsigned int pos, unsigned int count, void *kbuf,
		1010	void __user ubuf, struct xregs_state xsave)
		1011	{
		1012	unsigned int offset, size;
		1013	int ret, i;
		1014	struct xstate_header header;
		1015
		1016	/*
		1017	* Currently copy_regset_to_user() starts from pos 0:
		1018	*/
		1019	if (unlikely(pos != 0))
		1020	return -EFAULT;
		1021
		1022	/*
		1023	* The destination is a ptrace buffer; we put in only user xstates:
		1024	*/
		1025	memset(&header, 0, sizeof(header));
		1026	header.xfeatures = xsave->header.xfeatures;
		1027	header.xfeatures &= ~XFEATURE_MASK_SUPERVISOR;
		1028
		1029	/*
		1030	* Copy xregs_state->header:
		1031	*/
		1032	offset = offsetof(struct xregs_state, header);
		1033	size = sizeof(header);
		1034
		1035	ret = xstate_copyout(offset, size, kbuf, ubuf, &header, 0, count);
		1036
		1037	if (ret)
		1038	return ret;
		1039
		1040	for (i = 0; i < XFEATURE_MAX; i++) {
		1041	/*
		1042	* Copy only in-use xstates:
		1043	*/
		1044	if ((header.xfeatures >> i) & 1) {
		1045	void *src = __raw_xsave_addr(xsave, 1 << i);
		1046
		1047	offset = xstate_offsets[i];
		1048	size = xstate_sizes[i];
		1049
		1050	ret = xstate_copyout(offset, size, kbuf, ubuf, src, 0, count);
		1051
		1052	if (ret)
		1053	return ret;
		1054
		1055	if (offset + size >= count)
		1056	break;
		1057	}
		1058
		1059	}
		1060
		1061	/*
		1062	* Fill xsave->i387.sw_reserved value for ptrace frame:
		1063	*/
		1064	offset = offsetof(struct fxregs_state, sw_reserved);
		1065	size = sizeof(xstate_fx_sw_bytes);
		1066
		1067	ret = xstate_copyout(offset, size, kbuf, ubuf, xstate_fx_sw_bytes, 0, count);
		1068
		1069	if (ret)
		1070	return ret;
		1071
		1072	return 0;
		1073	}
		1074
		1075	/*
		1076	* Convert from a ptrace standard-format buffer to kernel XSAVES format
		1077	* and copy to the target thread. This is called from xstateregs_set() and
		1078	* there we check the CPU has XSAVES and a whole standard-sized buffer
		1079	* exists.
		1080	*/
		1081	int copyin_to_xsaves(const void kbuf, const void __user ubuf,
		1082	struct xregs_state *xsave)
		1083	{
		1084	unsigned int offset, size;
		1085	int i;
		1086	u64 xfeatures;
		1087	u64 allowed_features;
		1088
		1089	offset = offsetof(struct xregs_state, header);
		1090	size = sizeof(xfeatures);
		1091
		1092	if (kbuf) {
		1093	memcpy(&xfeatures, kbuf + offset, size);
		1094	} else {
		1095	if (__copy_from_user(&xfeatures, ubuf + offset, size))
		1096	return -EFAULT;
		1097	}
		1098
		1099	/*
		1100	* Reject if the user sets any disabled or supervisor features:
		1101	*/
		1102	allowed_features = xfeatures_mask & ~XFEATURE_MASK_SUPERVISOR;
		1103
		1104	if (xfeatures & ~allowed_features)
		1105	return -EINVAL;
		1106
		1107	for (i = 0; i < XFEATURE_MAX; i++) {
		1108	u64 mask = ((u64)1 << i);
		1109
		1110	if (xfeatures & mask) {
		1111	void *dst = __raw_xsave_addr(xsave, 1 << i);
		1112
		1113	offset = xstate_offsets[i];
		1114	size = xstate_sizes[i];
		1115
		1116	if (kbuf) {
		1117	memcpy(dst, kbuf + offset, size);
		1118	} else {
		1119	if (__copy_from_user(dst, ubuf + offset, size))
		1120	return -EFAULT;
		1121	}
		1122	}
		1123	}
		1124
		1125	/*
		1126	* The state that came in from userspace was user-state only.
		1127	* Mask all the user states out of 'xfeatures':
		1128	*/
		1129	xsave->header.xfeatures &= XFEATURE_MASK_SUPERVISOR;
		1130
		1131	/*
		1132	* Add back in the features that came in from userspace:
		1133	*/
		1134	xsave->header.xfeatures \|= xfeatures;
968		1135
969	return 0;	1136	return 0;
970	}	1137	}