1 files changed, 11 insertions, 0 deletions

diff --git a/arch/x86/kernel/i387.c b/arch/x86/kernel/i387.c
index 86cef6b32253..6106af9fd129 100644
--- a/arch/x86/kernel/i387.c
+++ b/arch/x86/kernel/i387.c
@@ -190,6 +190,8 @@ int xfpregs_get(struct task_struct *target, const struct user_regset *regset,
         if (ret)
                 return ret;
 
+        sanitize_i387_state(target);
+
         return user_regset_copyout(&pos, &count, &kbuf, &ubuf,
                                    &target->thread.fpu.state->fxsave, 0, -1);
 }
@@ -207,6 +209,8 @@ int xfpregs_set(struct task_struct *target, const struct user_regset *regset,
         if (ret)
                 return ret;
 
+        sanitize_i387_state(target);
+
         ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
                                  &target->thread.fpu.state->fxsave, 0, -1);
 
@@ -446,6 +450,8 @@ int fpregs_get(struct task_struct *target, const struct user_regset *regset,
                                            -1);
         }
 
+        sanitize_i387_state(target);
+
         if (kbuf && pos == 0 && count == sizeof(env)) {
                 convert_from_fxsr(kbuf, target);
                 return 0;
@@ -467,6 +473,8 @@ int fpregs_set(struct task_struct *target, const struct user_regset *regset,
         if (ret)
                 return ret;
 
+        sanitize_i387_state(target);
+
         if (!HAVE_HWFP)
                 return fpregs_soft_set(target, regset, pos, count, kbuf, ubuf);
 
@@ -533,6 +541,9 @@ static int save_i387_xsave(void __user *buf)
         struct _fpstate_ia32 __user *fx = buf;
         int err = 0;
 
+
+        sanitize_i387_state(tsk);
+
         /*
          * For legacy compatible, we always set FP/SSE bits in the bit
          * vector while saving the state to the user context.