Commit b42ae5ea authored by yu-cheng yu's avatar yu-cheng yu Committed by Stefan Bader

x86/fpu: Disable MPX when eagerfpu is off

This issue is a fallout from the command-line parsing move.

When "eagerfpu=off" is given as a command-line input, the kernel
should disable MPX support. The decision for turning off MPX was
made in fpu__init_system_ctx_switch(), which is after the
selection of the XSAVE format. This patch fixes it by getting
that decision done earlier in fpu__init_system_xstate().
Signed-off-by: default avatarYu-cheng Yu <yu-cheng.yu@intel.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Borislav Petkov <bp@suse.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Cc: Ravi V. Shankar <ravi.v.shankar@intel.com>
Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: yu-cheng yu <yu-cheng.yu@intel.com>
Link: http://lkml.kernel.org/r/1452119094-7252-4-git-send-email-yu-cheng.yu@intel.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>

CVE-2018-3665 (x86)

(backported from commit a5fe93a5)
Signed-off-by: default avatarTyler Hicks <tyhicks@canonical.com>
Signed-off-by: default avatarStefan Bader <stefan.bader@canonical.com>
parent f12c41e8
...@@ -43,6 +43,7 @@ extern void fpu__init_cpu_xstate(void); ...@@ -43,6 +43,7 @@ extern void fpu__init_cpu_xstate(void);
extern void fpu__init_system(struct cpuinfo_x86 *c); extern void fpu__init_system(struct cpuinfo_x86 *c);
extern void fpu__init_check_bugs(void); extern void fpu__init_check_bugs(void);
extern void fpu__resume_cpu(void); extern void fpu__resume_cpu(void);
extern u64 fpu__get_supported_xfeatures_mask(void);
/* /*
* Debugging facility: * Debugging facility:
......
...@@ -267,8 +267,46 @@ static void __init fpu__init_system_xstate_size_legacy(void) ...@@ -267,8 +267,46 @@ static void __init fpu__init_system_xstate_size_legacy(void)
*/ */
static enum { AUTO, ENABLE, DISABLE } eagerfpu = AUTO; static enum { AUTO, ENABLE, DISABLE } eagerfpu = AUTO;
/*
* Find supported xfeatures based on cpu features and command-line input.
* This must be called after fpu__init_parse_early_param() is called and
* xfeatures_mask is enumerated.
*/
u64 __init fpu__get_supported_xfeatures_mask(void)
{
/* Support all xfeatures known to us */
if (eagerfpu != DISABLE)
return XCNTXT_MASK;
/* Warning of xfeatures being disabled for no eagerfpu mode */
if (xfeatures_mask & XFEATURE_MASK_EAGER) {
pr_err("x86/fpu: eagerfpu switching disabled, disabling the following xstate features: 0x%llx.\n",
xfeatures_mask & XFEATURE_MASK_EAGER);
}
/* Return a mask that masks out all features requiring eagerfpu mode */
return ~XFEATURE_MASK_EAGER;
}
/*
* Disable features dependent on eagerfpu.
*/
static void __init fpu__clear_eager_fpu_features(void)
{
setup_clear_cpu_cap(X86_FEATURE_MPX);
}
/* /*
* Pick the FPU context switching strategy: * Pick the FPU context switching strategy:
*
* When eagerfpu is AUTO or ENABLE, we ensure it is ENABLE if either of
* the following is true:
*
* (1) the cpu has xsaveopt, as it has the optimization and doing eager
* FPU switching has a relatively low cost compared to a plain xsave;
* (2) the cpu has xsave features (e.g. MPX) that depend on eager FPU
* switching. Should the kernel boot with noxsaveopt, we support MPX
* with eager FPU switching at a higher cost.
*/ */
static void __init fpu__init_system_ctx_switch(void) static void __init fpu__init_system_ctx_switch(void)
{ {
...@@ -280,19 +318,11 @@ static void __init fpu__init_system_ctx_switch(void) ...@@ -280,19 +318,11 @@ static void __init fpu__init_system_ctx_switch(void)
WARN_ON_FPU(current->thread.fpu.fpstate_active); WARN_ON_FPU(current->thread.fpu.fpstate_active);
current_thread_info()->status = 0; current_thread_info()->status = 0;
/* Auto enable eagerfpu for xsaveopt */
if (cpu_has_xsaveopt && eagerfpu != DISABLE) if (cpu_has_xsaveopt && eagerfpu != DISABLE)
eagerfpu = ENABLE; eagerfpu = ENABLE;
if (xfeatures_mask & XFEATURE_MASK_EAGER) { if (xfeatures_mask & XFEATURE_MASK_EAGER)
if (eagerfpu == DISABLE) {
pr_err("x86/fpu: eagerfpu switching disabled, disabling the following xstate features: 0x%llx.\n",
xfeatures_mask & XFEATURE_MASK_EAGER);
xfeatures_mask &= ~XFEATURE_MASK_EAGER;
} else {
eagerfpu = ENABLE; eagerfpu = ENABLE;
}
}
if (eagerfpu == ENABLE) if (eagerfpu == ENABLE)
setup_force_cpu_cap(X86_FEATURE_EAGER_FPU); setup_force_cpu_cap(X86_FEATURE_EAGER_FPU);
...@@ -310,10 +340,12 @@ static void __init fpu__init_parse_early_param(void) ...@@ -310,10 +340,12 @@ static void __init fpu__init_parse_early_param(void)
* No need to check "eagerfpu=auto" again, since it is the * No need to check "eagerfpu=auto" again, since it is the
* initial default. * initial default.
*/ */
if (cmdline_find_option_bool(boot_command_line, "eagerfpu=off")) if (cmdline_find_option_bool(boot_command_line, "eagerfpu=off")) {
eagerfpu = DISABLE; eagerfpu = DISABLE;
else if (cmdline_find_option_bool(boot_command_line, "eagerfpu=on")) fpu__clear_eager_fpu_features();
} else if (cmdline_find_option_bool(boot_command_line, "eagerfpu=on")) {
eagerfpu = ENABLE; eagerfpu = ENABLE;
}
if (cmdline_find_option_bool(boot_command_line, "no387")) if (cmdline_find_option_bool(boot_command_line, "no387"))
setup_clear_cpu_cap(X86_FEATURE_FPU); setup_clear_cpu_cap(X86_FEATURE_FPU);
......
...@@ -632,8 +632,7 @@ void __init fpu__init_system_xstate(void) ...@@ -632,8 +632,7 @@ void __init fpu__init_system_xstate(void)
BUG(); BUG();
} }
/* Support only the state known to the OS: */ xfeatures_mask &= fpu__get_supported_xfeatures_mask();
xfeatures_mask = xfeatures_mask & XCNTXT_MASK;
/* Enable xstate instructions to be able to continue with initialization: */ /* Enable xstate instructions to be able to continue with initialization: */
fpu__init_cpu_xstate(); fpu__init_cpu_xstate();
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment