Commit 4e8e4313 authored by Thomas Gleixner's avatar Thomas Gleixner Committed by Borislav Petkov

x86/fpu: Make xfeatures_mask_all __ro_after_init

Nothing has to modify this after init.

But of course there is code which unconditionally masks
xfeatures_mask_all on CPU hotplug. This goes unnoticed during boot
hotplug because at that point the variable is still RW mapped.

This is broken in several ways:

  1) Masking this in post init CPU hotplug means that any
     modification of this state goes unnoticed until actual hotplug
     happens.

  2) If that ever happens then these bogus feature bits are already
     populated all over the place and the system is in inconsistent state
     vs. the compacted XSTATE offsets. If at all then this has to panic the
     machine because the inconsistency cannot be undone anymore.

Make this a one-time paranoia check in xstate init code and disable
xsave when this happens.
Reported-by: default avatarKan Liang <kan.liang@linux.intel.com>
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
Reviewed-by: default avatarBorislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20210623121451.712803952@linutronix.de
parent ce578f16
...@@ -59,7 +59,7 @@ static short xsave_cpuid_features[] __initdata = { ...@@ -59,7 +59,7 @@ static short xsave_cpuid_features[] __initdata = {
* This represents the full set of bits that should ever be set in a kernel * This represents the full set of bits that should ever be set in a kernel
* XSAVE buffer, both supervisor and user xstates. * XSAVE buffer, both supervisor and user xstates.
*/ */
u64 xfeatures_mask_all __read_mostly; u64 xfeatures_mask_all __ro_after_init;
static unsigned int xstate_offsets[XFEATURE_MAX] __ro_after_init = static unsigned int xstate_offsets[XFEATURE_MAX] __ro_after_init =
{ [ 0 ... XFEATURE_MAX - 1] = -1}; { [ 0 ... XFEATURE_MAX - 1] = -1};
...@@ -213,19 +213,8 @@ void fpstate_sanitize_xstate(struct fpu *fpu) ...@@ -213,19 +213,8 @@ void fpstate_sanitize_xstate(struct fpu *fpu)
*/ */
void fpu__init_cpu_xstate(void) void fpu__init_cpu_xstate(void)
{ {
u64 unsup_bits;
if (!boot_cpu_has(X86_FEATURE_XSAVE) || !xfeatures_mask_all) if (!boot_cpu_has(X86_FEATURE_XSAVE) || !xfeatures_mask_all)
return; return;
/*
* Unsupported supervisor xstates should not be found in
* the xfeatures mask.
*/
unsup_bits = xfeatures_mask_all & XFEATURE_MASK_SUPERVISOR_UNSUPPORTED;
WARN_ONCE(unsup_bits, "x86/fpu: Found unsupported supervisor xstates: 0x%llx\n",
unsup_bits);
xfeatures_mask_all &= ~XFEATURE_MASK_SUPERVISOR_UNSUPPORTED;
cr4_set_bits(X86_CR4_OSXSAVE); cr4_set_bits(X86_CR4_OSXSAVE);
...@@ -825,6 +814,7 @@ void __init fpu__init_system_xstate(void) ...@@ -825,6 +814,7 @@ void __init fpu__init_system_xstate(void)
{ {
unsigned int eax, ebx, ecx, edx; unsigned int eax, ebx, ecx, edx;
static int on_boot_cpu __initdata = 1; static int on_boot_cpu __initdata = 1;
u64 xfeatures;
int err; int err;
int i; int i;
...@@ -879,6 +869,8 @@ void __init fpu__init_system_xstate(void) ...@@ -879,6 +869,8 @@ void __init fpu__init_system_xstate(void)
} }
xfeatures_mask_all &= fpu__get_supported_xfeatures_mask(); xfeatures_mask_all &= fpu__get_supported_xfeatures_mask();
/* Store it for paranoia check at the end */
xfeatures = xfeatures_mask_all;
/* Enable xstate instructions to be able to continue with initialization: */ /* Enable xstate instructions to be able to continue with initialization: */
fpu__init_cpu_xstate(); fpu__init_cpu_xstate();
...@@ -896,8 +888,18 @@ void __init fpu__init_system_xstate(void) ...@@ -896,8 +888,18 @@ void __init fpu__init_system_xstate(void)
setup_init_fpu_buf(); setup_init_fpu_buf();
setup_xstate_comp_offsets(); setup_xstate_comp_offsets();
setup_supervisor_only_offsets(); setup_supervisor_only_offsets();
print_xstate_offset_size();
/*
* Paranoia check whether something in the setup modified the
* xfeatures mask.
*/
if (xfeatures != xfeatures_mask_all) {
pr_err("x86/fpu: xfeatures modified from 0x%016llx to 0x%016llx during init, disabling XSAVE\n",
xfeatures, xfeatures_mask_all);
goto out_disable;
}
print_xstate_offset_size();
pr_info("x86/fpu: Enabled xstate features 0x%llx, context size is %d bytes, using '%s' format.\n", pr_info("x86/fpu: Enabled xstate features 0x%llx, context size is %d bytes, using '%s' format.\n",
xfeatures_mask_all, xfeatures_mask_all,
fpu_kernel_xstate_size, fpu_kernel_xstate_size,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment