diff options
| author | Quentin Casasnovas <quentin.casasnovas@oracle.com> | 2015-03-05 07:19:22 -0500 |
|---|---|---|
| committer | Ingo Molnar <mingo@kernel.org> | 2015-03-05 12:20:36 -0500 |
| commit | 06c8173eb92bbfc03a0fe8bb64315857d0badd06 (patch) | |
| tree | 73ecc10d3017c9ae7a6403fca3afbf3d7ec12997 /arch | |
| parent | 9ab6eb51ef4ad63cb71533d3a4dfb09ea8f69b4c (diff) | |
x86/fpu/xsaves: Fix improper uses of __ex_table
Commit:
f31a9f7c7169 ("x86/xsaves: Use xsaves/xrstors to save and restore xsave area")
introduced alternative instructions for XSAVES/XRSTORS and commit:
adb9d526e982 ("x86/xsaves: Add xsaves and xrstors support for booting time")
added support for the XSAVES/XRSTORS instructions at boot time.
Unfortunately both failed to properly protect them against faulting:
The 'xstate_fault' macro will use the closest label named '1'
backward and that ends up in the .altinstr_replacement section
rather than in .text. This means that the kernel will never find
in the __ex_table the .text address where this instruction might
fault, leading to serious problems if userspace manages to
trigger the fault.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Signed-off-by: Jamie Iles <jamie.iles@oracle.com>
[ Improved the changelog, fixed some whitespace noise. ]
Acked-by: Borislav Petkov <bp@alien8.de>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: <stable@vger.kernel.org>
Cc: Allan Xavier <mr.a.xavier@gmail.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Fixes: adb9d526e982 ("x86/xsaves: Add xsaves and xrstors support for booting time")
Fixes: f31a9f7c7169 ("x86/xsaves: Use xsaves/xrstors to save and restore xsave area")
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'arch')
| -rw-r--r-- | arch/x86/include/asm/xsave.h | 28 |
1 files changed, 11 insertions, 17 deletions
diff --git a/arch/x86/include/asm/xsave.h b/arch/x86/include/asm/xsave.h index 5fa9770035dc..c9a6d68b8d62 100644 --- a/arch/x86/include/asm/xsave.h +++ b/arch/x86/include/asm/xsave.h | |||
| @@ -82,18 +82,15 @@ static inline int xsave_state_booting(struct xsave_struct *fx, u64 mask) | |||
| 82 | if (boot_cpu_has(X86_FEATURE_XSAVES)) | 82 | if (boot_cpu_has(X86_FEATURE_XSAVES)) |
| 83 | asm volatile("1:"XSAVES"\n\t" | 83 | asm volatile("1:"XSAVES"\n\t" |
| 84 | "2:\n\t" | 84 | "2:\n\t" |
| 85 | : : "D" (fx), "m" (*fx), "a" (lmask), "d" (hmask) | 85 | xstate_fault |
| 86 | : "D" (fx), "m" (*fx), "a" (lmask), "d" (hmask) | ||
| 86 | : "memory"); | 87 | : "memory"); |
| 87 | else | 88 | else |
| 88 | asm volatile("1:"XSAVE"\n\t" | 89 | asm volatile("1:"XSAVE"\n\t" |
| 89 | "2:\n\t" | 90 | "2:\n\t" |
| 90 | : : "D" (fx), "m" (*fx), "a" (lmask), "d" (hmask) | 91 | xstate_fault |
| 92 | : "D" (fx), "m" (*fx), "a" (lmask), "d" (hmask) | ||
| 91 | : "memory"); | 93 | : "memory"); |
| 92 | |||
| 93 | asm volatile(xstate_fault | ||
| 94 | : "0" (0) | ||
| 95 | : "memory"); | ||
| 96 | |||
| 97 | return err; | 94 | return err; |
| 98 | } | 95 | } |
| 99 | 96 | ||
| @@ -112,18 +109,15 @@ static inline int xrstor_state_booting(struct xsave_struct *fx, u64 mask) | |||
| 112 | if (boot_cpu_has(X86_FEATURE_XSAVES)) | 109 | if (boot_cpu_has(X86_FEATURE_XSAVES)) |
| 113 | asm volatile("1:"XRSTORS"\n\t" | 110 | asm volatile("1:"XRSTORS"\n\t" |
| 114 | "2:\n\t" | 111 | "2:\n\t" |
| 115 | : : "D" (fx), "m" (*fx), "a" (lmask), "d" (hmask) | 112 | xstate_fault |
| 113 | : "D" (fx), "m" (*fx), "a" (lmask), "d" (hmask) | ||
| 116 | : "memory"); | 114 | : "memory"); |
| 117 | else | 115 | else |
| 118 | asm volatile("1:"XRSTOR"\n\t" | 116 | asm volatile("1:"XRSTOR"\n\t" |
| 119 | "2:\n\t" | 117 | "2:\n\t" |
| 120 | : : "D" (fx), "m" (*fx), "a" (lmask), "d" (hmask) | 118 | xstate_fault |
| 119 | : "D" (fx), "m" (*fx), "a" (lmask), "d" (hmask) | ||
| 121 | : "memory"); | 120 | : "memory"); |
| 122 | |||
| 123 | asm volatile(xstate_fault | ||
| 124 | : "0" (0) | ||
| 125 | : "memory"); | ||
| 126 | |||
| 127 | return err; | 121 | return err; |
| 128 | } | 122 | } |
| 129 | 123 | ||
| @@ -149,9 +143,9 @@ static inline int xsave_state(struct xsave_struct *fx, u64 mask) | |||
| 149 | */ | 143 | */ |
| 150 | alternative_input_2( | 144 | alternative_input_2( |
| 151 | "1:"XSAVE, | 145 | "1:"XSAVE, |
| 152 | "1:"XSAVEOPT, | 146 | XSAVEOPT, |
| 153 | X86_FEATURE_XSAVEOPT, | 147 | X86_FEATURE_XSAVEOPT, |
| 154 | "1:"XSAVES, | 148 | XSAVES, |
| 155 | X86_FEATURE_XSAVES, | 149 | X86_FEATURE_XSAVES, |
| 156 | [fx] "D" (fx), "a" (lmask), "d" (hmask) : | 150 | [fx] "D" (fx), "a" (lmask), "d" (hmask) : |
| 157 | "memory"); | 151 | "memory"); |
| @@ -178,7 +172,7 @@ static inline int xrstor_state(struct xsave_struct *fx, u64 mask) | |||
| 178 | */ | 172 | */ |
| 179 | alternative_input( | 173 | alternative_input( |
| 180 | "1: " XRSTOR, | 174 | "1: " XRSTOR, |
| 181 | "1: " XRSTORS, | 175 | XRSTORS, |
| 182 | X86_FEATURE_XSAVES, | 176 | X86_FEATURE_XSAVES, |
| 183 | "D" (fx), "m" (*fx), "a" (lmask), "d" (hmask) | 177 | "D" (fx), "m" (*fx), "a" (lmask), "d" (hmask) |
| 184 | : "memory"); | 178 | : "memory"); |