[PATCH 03/19] x86, mpx: Use new get_xsave_field_ptr()
From: Dave Hansen
The MPX registers (bndcsr/bndcfgu/bndstatus) are not directly
accessible via normal instructions. They essentially act as
if they were floating point registers and are saved/restored
along with those registers.
There are two main paths in the MPX code where we care about
the contents of these registers:
1. #BR (bounds) faults
2. the prctl() code where we are setting MPX up
Both of those paths _might_ be called without the FPU having
been used. That means that 'tsk->thread.fpu.state' might
never be allocated.
Also, fpu_save_init() is not preempt-safe. It was a bug to
call it without disabling preemption. The new
get_xsave_addr() calls unlazy_fpu() instead and properly
disables preemption.
Signed-off-by: Dave Hansen
Reviewed-by: Thomas Gleixner
Cc: Oleg Nesterov
Cc: b...@alien8.de
Cc: Rik van Riel
Cc: Suresh Siddha
Cc: Andy Lutomirski
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Fenghua Yu
Cc: the arch/x86 maintainers
Cc: linux-kernel
---
Changes from v21:
* rename get_xsave_field() to get_xsave_field_ptr()
---
b/arch/x86/include/asm/mpx.h |8
b/arch/x86/kernel/traps.c| 17 -
b/arch/x86/mm/mpx.c | 30 +++---
3 files changed, 27 insertions(+), 28 deletions(-)
diff -puN arch/x86/include/asm/mpx.h~use-new-tsk_get_xsave_addr
arch/x86/include/asm/mpx.h
--- a/arch/x86/include/asm/mpx.h~use-new-tsk_get_xsave_addr 2015-06-01
10:24:03.804711835 -0700
+++ b/arch/x86/include/asm/mpx.h2015-06-01 10:24:03.810712106 -0700
@@ -60,8 +60,8 @@
#ifdef CONFIG_X86_INTEL_MPX
siginfo_t *mpx_generate_siginfo(struct pt_regs *regs,
- struct xregs_state *xsave_buf);
-int mpx_handle_bd_fault(struct xregs_state *xsave_buf);
+ struct task_struct *tsk);
+int mpx_handle_bd_fault(struct task_struct *tsk);
static inline int kernel_managing_mpx_tables(struct mm_struct *mm)
{
return (mm->bd_addr != MPX_INVALID_BOUNDS_DIR);
@@ -78,11 +78,11 @@ void mpx_notify_unmap(struct mm_struct *
unsigned long start, unsigned long end);
#else
static inline siginfo_t *mpx_generate_siginfo(struct pt_regs *regs,
- struct xregs_state *xsave_buf)
+ struct task_struct *tsk)
{
return NULL;
}
-static inline int mpx_handle_bd_fault(struct xregs_state *xsave_buf)
+static inline int mpx_handle_bd_fault(struct task_struct *tsk)
{
return -EINVAL;
}
diff -puN arch/x86/kernel/traps.c~use-new-tsk_get_xsave_addr
arch/x86/kernel/traps.c
--- a/arch/x86/kernel/traps.c~use-new-tsk_get_xsave_addr2015-06-01
10:24:03.805711880 -0700
+++ b/arch/x86/kernel/traps.c 2015-06-01 10:24:03.810712106 -0700
@@ -59,6 +59,7 @@
#include
#include
#include
+#include
#include
#ifdef CONFIG_X86_64
@@ -371,9 +372,8 @@ dotraplinkage void do_double_fault(struc
dotraplinkage void do_bounds(struct pt_regs *regs, long error_code)
{
struct task_struct *tsk = current;
- struct xregs_state *xsave_buf;
enum ctx_state prev_state;
- struct bndcsr *bndcsr;
+ const struct bndcsr *bndcsr;
siginfo_t *info;
prev_state = exception_enter();
@@ -392,12 +392,11 @@ dotraplinkage void do_bounds(struct pt_r
/*
* We need to look at BNDSTATUS to resolve this exception.
-* It is not directly accessible, though, so we need to
-* do an xsave and then pull it out of the xsave buffer.
+* A NULL here might mean that it is in its 'init state',
+* which is all zeros which indicates MPX was not
+* responsible for the exception.
*/
- copy_fpregs_to_fpstate(&tsk->thread.fpu);
- xsave_buf = &(tsk->thread.fpu.state.xsave);
- bndcsr = get_xsave_addr(xsave_buf, XSTATE_BNDCSR);
+ bndcsr = get_xsave_field_ptr(XSTATE_BNDCSR);
if (!bndcsr)
goto exit_trap;
@@ -408,11 +407,11 @@ dotraplinkage void do_bounds(struct pt_r
*/
switch (bndcsr->bndstatus & MPX_BNDSTA_ERROR_CODE) {
case 2: /* Bound directory has invalid entry. */
- if (mpx_handle_bd_fault(xsave_buf))
+ if (mpx_handle_bd_fault(tsk))
goto exit_trap;
break; /* Success, it was handled */
case 1: /* Bound violation. */
- info = mpx_generate_siginfo(regs, xsave_buf);
+ info = mpx_generate_siginfo(regs, tsk);
if (IS_ERR(info)) {
/*
* We failed to decode the MPX instruction. Act as if
diff -puN arch/x86/mm/mpx.c~use-new-tsk_get_xsave_addr arch/x86/mm/mpx.c
--- a/arch/x86/mm/mpx.c~use-new-tsk_get_xsave_addr 2015-06-01
10:24:03.807711971 -0700
+++ b/arch/x86/mm/mpx.c 2015-06-01 10:24:03.811712151 -0700
@@ -272,9 +272,9 @@ bad_opcode:
* The caller is expected to
[PATCH 03/19] x86, mpx: Use new get_xsave_field_ptr()
From: Dave Hansen
The MPX registers (bndcsr/bndcfgu/bndstatus) are not directly
accessible via normal instructions. They essentially act as
if they were floating point registers and are saved/restored
along with those registers.
There are two main paths in the MPX code where we care about
the contents of these registers:
1. #BR (bounds) faults
2. the prctl() code where we are setting MPX up
Both of those paths _might_ be called without the FPU having
been used. That means that 'tsk->thread.fpu.state' might
never be allocated.
Also, fpu_save_init() is not preempt-safe. It was a bug to
call it without disabling preemption. The new
get_xsave_addr() calls unlazy_fpu() instead and properly
disables preemption.
Signed-off-by: Dave Hansen
Reviewed-by: Thomas Gleixner
Cc: Oleg Nesterov
Cc: b...@alien8.de
Cc: Rik van Riel
Cc: Suresh Siddha
Cc: Andy Lutomirski
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Fenghua Yu
Cc: the arch/x86 maintainers
Cc: linux-kernel
---
Changes from v21:
* rename get_xsave_field() to get_xsave_field_ptr()
---
b/arch/x86/include/asm/mpx.h |8
b/arch/x86/kernel/traps.c| 15 +++
b/arch/x86/mm/mpx.c | 24
3 files changed, 23 insertions(+), 24 deletions(-)
diff -puN arch/x86/include/asm/mpx.h~use-new-tsk_get_xsave_addr
arch/x86/include/asm/mpx.h
--- a/arch/x86/include/asm/mpx.h~use-new-tsk_get_xsave_addr 2015-05-27
09:32:15.346481924 -0700
+++ b/arch/x86/include/asm/mpx.h2015-05-27 09:32:15.353482240 -0700
@@ -60,8 +60,8 @@
#ifdef CONFIG_X86_INTEL_MPX
siginfo_t *mpx_generate_siginfo(struct pt_regs *regs,
- struct xregs_state *xsave_buf);
-int mpx_handle_bd_fault(struct xregs_state *xsave_buf);
+ struct task_struct *tsk);
+int mpx_handle_bd_fault(struct task_struct *tsk);
static inline int kernel_managing_mpx_tables(struct mm_struct *mm)
{
return (mm->bd_addr != MPX_INVALID_BOUNDS_DIR);
@@ -78,11 +78,11 @@ void mpx_notify_unmap(struct mm_struct *
unsigned long start, unsigned long end);
#else
static inline siginfo_t *mpx_generate_siginfo(struct pt_regs *regs,
- struct xregs_state *xsave_buf)
+ struct task_struct *tsk)
{
return NULL;
}
-static inline int mpx_handle_bd_fault(struct xregs_state *xsave_buf)
+static inline int mpx_handle_bd_fault(struct task_struct *tsk)
{
return -EINVAL;
}
diff -puN arch/x86/kernel/traps.c~use-new-tsk_get_xsave_addr
arch/x86/kernel/traps.c
--- a/arch/x86/kernel/traps.c~use-new-tsk_get_xsave_addr2015-05-27
09:32:15.348482015 -0700
+++ b/arch/x86/kernel/traps.c 2015-05-27 09:32:15.353482240 -0700
@@ -59,6 +59,7 @@
#include
#include
#include
+#include
#include
#ifdef CONFIG_X86_64
@@ -371,7 +372,6 @@ dotraplinkage void do_double_fault(struc
dotraplinkage void do_bounds(struct pt_regs *regs, long error_code)
{
struct task_struct *tsk = current;
- struct xregs_state *xsave_buf;
enum ctx_state prev_state;
struct bndcsr *bndcsr;
siginfo_t *info;
@@ -392,12 +392,11 @@ dotraplinkage void do_bounds(struct pt_r
/*
* We need to look at BNDSTATUS to resolve this exception.
-* It is not directly accessible, though, so we need to
-* do an xsave and then pull it out of the xsave buffer.
+* A NULL here might mean that it is in its 'init state',
+* which is all zeros which indicates MPX was not
+* responsible for the exception.
*/
- copy_fpregs_to_fpstate(&tsk->thread.fpu);
- xsave_buf = &(tsk->thread.fpu.state.xsave);
- bndcsr = get_xsave_addr(xsave_buf, XSTATE_BNDCSR);
+ bndcsr = get_xsave_field_ptr(XSTATE_BNDCSR);
if (!bndcsr)
goto exit_trap;
@@ -408,11 +407,11 @@ dotraplinkage void do_bounds(struct pt_r
*/
switch (bndcsr->bndstatus & MPX_BNDSTA_ERROR_CODE) {
case 2: /* Bound directory has invalid entry. */
- if (mpx_handle_bd_fault(xsave_buf))
+ if (mpx_handle_bd_fault(tsk))
goto exit_trap;
break; /* Success, it was handled */
case 1: /* Bound violation. */
- info = mpx_generate_siginfo(regs, xsave_buf);
+ info = mpx_generate_siginfo(regs, tsk);
if (IS_ERR(info)) {
/*
* We failed to decode the MPX instruction. Act as if
diff -puN arch/x86/mm/mpx.c~use-new-tsk_get_xsave_addr arch/x86/mm/mpx.c
--- a/arch/x86/mm/mpx.c~use-new-tsk_get_xsave_addr 2015-05-27
09:32:15.349482059 -0700
+++ b/arch/x86/mm/mpx.c 2015-05-27 09:32:15.354482285 -0700
@@ -272,7 +272,7 @@ bad_opcode:
* The caller is expected to kfree() the returned siginfo_t.
*/
siginfo_t *mpx_generate_siginfo(struct pt_regs *r
[PATCH 03/19] x86, mpx: Use new get_xsave_field_ptr()
From: Dave Hansen
The MPX registers (bndcsr/bndcfgu/bndstatus) are not directly
accessible via normal instructions. They essentially act as
if they were floating point registers and are saved/restored
along with those registers.
There are two main paths in the MPX code where we care about
the contents of these registers:
1. #BR (bounds) faults
2. the prctl() code where we are setting MPX up
Both of those paths _might_ be called without the FPU having
been used. That means that 'tsk->thread.fpu.state' might
never be allocated.
Also, fpu_save_init() is not preempt-safe. It was a bug to
call it without disabling preemption. The new
get_xsave_addr() calls unlazy_fpu() instead and properly
disables preemption.
Signed-off-by: Dave Hansen
Reviewed-by: Thomas Gleixner
Cc: Oleg Nesterov
Cc: b...@alien8.de
Cc: Rik van Riel
Cc: Suresh Siddha
Cc: Andy Lutomirski
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Fenghua Yu
Cc: the arch/x86 maintainers
Cc: linux-kernel
---
Changes from v21:
* rename get_xsave_field() to get_xsave_field_ptr()
---
b/arch/x86/include/asm/mpx.h |8
b/arch/x86/kernel/traps.c| 15 +++
b/arch/x86/mm/mpx.c | 24
3 files changed, 23 insertions(+), 24 deletions(-)
diff -puN arch/x86/include/asm/mpx.h~use-new-tsk_get_xsave_addr
arch/x86/include/asm/mpx.h
--- a/arch/x86/include/asm/mpx.h~use-new-tsk_get_xsave_addr 2015-05-27
09:32:15.346481924 -0700
+++ b/arch/x86/include/asm/mpx.h2015-05-27 09:32:15.353482240 -0700
@@ -60,8 +60,8 @@
#ifdef CONFIG_X86_INTEL_MPX
siginfo_t *mpx_generate_siginfo(struct pt_regs *regs,
- struct xregs_state *xsave_buf);
-int mpx_handle_bd_fault(struct xregs_state *xsave_buf);
+ struct task_struct *tsk);
+int mpx_handle_bd_fault(struct task_struct *tsk);
static inline int kernel_managing_mpx_tables(struct mm_struct *mm)
{
return (mm->bd_addr != MPX_INVALID_BOUNDS_DIR);
@@ -78,11 +78,11 @@ void mpx_notify_unmap(struct mm_struct *
unsigned long start, unsigned long end);
#else
static inline siginfo_t *mpx_generate_siginfo(struct pt_regs *regs,
- struct xregs_state *xsave_buf)
+ struct task_struct *tsk)
{
return NULL;
}
-static inline int mpx_handle_bd_fault(struct xregs_state *xsave_buf)
+static inline int mpx_handle_bd_fault(struct task_struct *tsk)
{
return -EINVAL;
}
diff -puN arch/x86/kernel/traps.c~use-new-tsk_get_xsave_addr
arch/x86/kernel/traps.c
--- a/arch/x86/kernel/traps.c~use-new-tsk_get_xsave_addr2015-05-27
09:32:15.348482015 -0700
+++ b/arch/x86/kernel/traps.c 2015-05-27 09:32:15.353482240 -0700
@@ -59,6 +59,7 @@
#include
#include
#include
+#include
#include
#ifdef CONFIG_X86_64
@@ -371,7 +372,6 @@ dotraplinkage void do_double_fault(struc
dotraplinkage void do_bounds(struct pt_regs *regs, long error_code)
{
struct task_struct *tsk = current;
- struct xregs_state *xsave_buf;
enum ctx_state prev_state;
struct bndcsr *bndcsr;
siginfo_t *info;
@@ -392,12 +392,11 @@ dotraplinkage void do_bounds(struct pt_r
/*
* We need to look at BNDSTATUS to resolve this exception.
-* It is not directly accessible, though, so we need to
-* do an xsave and then pull it out of the xsave buffer.
+* A NULL here might mean that it is in its 'init state',
+* which is all zeros which indicates MPX was not
+* responsible for the exception.
*/
- copy_fpregs_to_fpstate(&tsk->thread.fpu);
- xsave_buf = &(tsk->thread.fpu.state.xsave);
- bndcsr = get_xsave_addr(xsave_buf, XSTATE_BNDCSR);
+ bndcsr = get_xsave_field_ptr(XSTATE_BNDCSR);
if (!bndcsr)
goto exit_trap;
@@ -408,11 +407,11 @@ dotraplinkage void do_bounds(struct pt_r
*/
switch (bndcsr->bndstatus & MPX_BNDSTA_ERROR_CODE) {
case 2: /* Bound directory has invalid entry. */
- if (mpx_handle_bd_fault(xsave_buf))
+ if (mpx_handle_bd_fault(tsk))
goto exit_trap;
break; /* Success, it was handled */
case 1: /* Bound violation. */
- info = mpx_generate_siginfo(regs, xsave_buf);
+ info = mpx_generate_siginfo(regs, tsk);
if (IS_ERR(info)) {
/*
* We failed to decode the MPX instruction. Act as if
diff -puN arch/x86/mm/mpx.c~use-new-tsk_get_xsave_addr arch/x86/mm/mpx.c
--- a/arch/x86/mm/mpx.c~use-new-tsk_get_xsave_addr 2015-05-27
09:32:15.349482059 -0700
+++ b/arch/x86/mm/mpx.c 2015-05-27 09:32:15.354482285 -0700
@@ -272,7 +272,7 @@ bad_opcode:
* The caller is expected to kfree() the returned siginfo_t.
*/
siginfo_t *mpx_generate_siginfo(struct pt_regs *r
Re: [PATCH 03/19] x86, mpx: Use new get_xsave_field_ptr()
On Mon, 18 May 2015, Dave Hansen wrote: > From: Dave Hansen > > The MPX registers (bndcsr/bndcfgu/bndstatus) are not directly > accessible via normal instructions. They essentially act as > if they were floating point registers and are saved/restored > along with those registers. > > There are two main paths in the MPX code where we care about > the contents of these registers: > 1. #BR (bounds) faults > 2. the prctl() code where we are setting MPX up > > Both of those paths _might_ be called without the FPU having > been used. That means that 'tsk->thread.fpu.state' might > never be allocated. > > Also, fpu_save_init() is not preempt-safe. It was a bug to > call it without disabling preemption. The new > get_xsave_addr() calls unlazy_fpu() instead and properly > disables preemption. > > Signed-off-by: Dave Hansen Reviewed-by: Thomas Gleixner -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH 03/19] x86, mpx: Use new get_xsave_field_ptr()
From: Dave Hansen
The MPX registers (bndcsr/bndcfgu/bndstatus) are not directly
accessible via normal instructions. They essentially act as
if they were floating point registers and are saved/restored
along with those registers.
There are two main paths in the MPX code where we care about
the contents of these registers:
1. #BR (bounds) faults
2. the prctl() code where we are setting MPX up
Both of those paths _might_ be called without the FPU having
been used. That means that 'tsk->thread.fpu.state' might
never be allocated.
Also, fpu_save_init() is not preempt-safe. It was a bug to
call it without disabling preemption. The new
get_xsave_addr() calls unlazy_fpu() instead and properly
disables preemption.
Signed-off-by: Dave Hansen
Cc: Oleg Nesterov
Cc: b...@alien8.de
Cc: Rik van Riel
Cc: Suresh Siddha
Cc: Andy Lutomirski
Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Fenghua Yu
Cc: the arch/x86 maintainers
Cc: linux-kernel
---
Changes from v21:
* rename get_xsave_field() to get_xsave_field_ptr()
---
b/arch/x86/include/asm/mpx.h |8
b/arch/x86/kernel/traps.c| 15 +++
b/arch/x86/mm/mpx.c | 23 +++
3 files changed, 22 insertions(+), 24 deletions(-)
diff -puN arch/x86/include/asm/mpx.h~use-new-tsk_get_xsave_addr
arch/x86/include/asm/mpx.h
--- a/arch/x86/include/asm/mpx.h~use-new-tsk_get_xsave_addr 2015-05-18
17:48:58.631409087 -0700
+++ b/arch/x86/include/asm/mpx.h2015-05-18 17:48:58.637409357 -0700
@@ -60,8 +60,8 @@
#ifdef CONFIG_X86_INTEL_MPX
siginfo_t *mpx_generate_siginfo(struct pt_regs *regs,
- struct xsave_struct *xsave_buf);
-int mpx_handle_bd_fault(struct xsave_struct *xsave_buf);
+ struct task_struct *tsk);
+int mpx_handle_bd_fault(struct task_struct *tsk);
static inline int kernel_managing_mpx_tables(struct mm_struct *mm)
{
return (mm->bd_addr != MPX_INVALID_BOUNDS_DIR);
@@ -78,11 +78,11 @@ void mpx_notify_unmap(struct mm_struct *
unsigned long start, unsigned long end);
#else
static inline siginfo_t *mpx_generate_siginfo(struct pt_regs *regs,
- struct xsave_struct *xsave_buf)
+ struct task_struct *tsk)
{
return NULL;
}
-static inline int mpx_handle_bd_fault(struct xsave_struct *xsave_buf)
+static inline int mpx_handle_bd_fault(struct task_struct *tsk)
{
return -EINVAL;
}
diff -puN arch/x86/kernel/traps.c~use-new-tsk_get_xsave_addr
arch/x86/kernel/traps.c
--- a/arch/x86/kernel/traps.c~use-new-tsk_get_xsave_addr2015-05-18
17:48:58.632409132 -0700
+++ b/arch/x86/kernel/traps.c 2015-05-18 17:48:58.638409402 -0700
@@ -61,6 +61,7 @@
#include
#include
#include
+#include
#ifdef CONFIG_X86_64
#include
@@ -372,7 +373,6 @@ dotraplinkage void do_double_fault(struc
dotraplinkage void do_bounds(struct pt_regs *regs, long error_code)
{
struct task_struct *tsk = current;
- struct xsave_struct *xsave_buf;
enum ctx_state prev_state;
struct bndcsr *bndcsr;
siginfo_t *info;
@@ -393,12 +393,11 @@ dotraplinkage void do_bounds(struct pt_r
/*
* We need to look at BNDSTATUS to resolve this exception.
-* It is not directly accessible, though, so we need to
-* do an xsave and then pull it out of the xsave buffer.
+* A NULL here might mean that it is in its 'init state',
+* which is all zeros which indicates MPX was not
+* responsible for the exception.
*/
- fpu_save_init(&tsk->thread.fpu);
- xsave_buf = &(tsk->thread.fpu.state->xsave);
- bndcsr = get_xsave_addr(xsave_buf, XSTATE_BNDCSR);
+ bndcsr = get_xsave_field_ptr(XSTATE_BNDCSR);
if (!bndcsr)
goto exit_trap;
@@ -409,11 +408,11 @@ dotraplinkage void do_bounds(struct pt_r
*/
switch (bndcsr->bndstatus & MPX_BNDSTA_ERROR_CODE) {
case 2: /* Bound directory has invalid entry. */
- if (mpx_handle_bd_fault(xsave_buf))
+ if (mpx_handle_bd_fault(tsk))
goto exit_trap;
break; /* Success, it was handled */
case 1: /* Bound violation. */
- info = mpx_generate_siginfo(regs, xsave_buf);
+ info = mpx_generate_siginfo(regs, tsk);
if (IS_ERR(info)) {
/*
* We failed to decode the MPX instruction. Act as if
diff -puN arch/x86/mm/mpx.c~use-new-tsk_get_xsave_addr arch/x86/mm/mpx.c
--- a/arch/x86/mm/mpx.c~use-new-tsk_get_xsave_addr 2015-05-18
17:48:58.634409222 -0700
+++ b/arch/x86/mm/mpx.c 2015-05-18 17:48:58.639409447 -0700
@@ -273,7 +273,7 @@ bad_opcode:
* The caller is expected to kfree() the returned siginfo_t.
*/
siginfo_t *mpx_generate_siginfo(struct pt_regs *regs,
-
