From patchwork Tue Sep 15 11:36:36 2015
X-Patchwork-Submitter: Will Deacon
X-Patchwork-Id: 53636
From: Will Deacon
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH 1/2] arm64: fpsimd: Fix FPSIMD corruption in rt_sigreturn with CONFIG_PREEMPT
Date: Tue, 15 Sep 2015 12:36:36 +0100
Message-Id: <1442316997-32282-1-git-send-email-will.deacon@arm.com>
Cc: mark.rutland@arm.com, ard.biesheuvel@linaro.org, catalin.marinas@arm.com, victor.kamensky@linaro.org, Will Deacon, Dave.Martin@arm.com

From: Dave P Martin

The arm64 context switch implementation uses a flag TIF_FOREIGN_FPSTATE to track whether the hardware FPSIMD regs are out of sync with the logical state of current's registers.

During sigreturn, the registers and task_struct are temporarily out of sync, between writing the task_struct and loading its contents back into the FPSIMD registers -- however, TIF_FOREIGN_FPSTATE is not set. This can cause the context switch code to discard some or all of the restored FPSIMD state if preemption occurs during the critical region of rt_sigreturn.

This patch sets TIF_FOREIGN_FPSTATE before transferring the sigframe's saved registers back to the task_struct, so that the task_struct data will take precedence over the hardware registers if a context switch occurs before everything is back in sync.

Signed-off-by: Dave Martin
[will: removed preempt_{enable,disable} calls, added compat version]
Signed-off-by: Will Deacon

--- arch/arm64/kernel/signal.c | 3 +++ arch/arm64/kernel/signal32.c | 2 ++ 2 files changed, 5 insertions(+) diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c index e18c48cb6db1..6d50d839b6e9 100644 --- a/arch/arm64/kernel/signal.c +++ b/arch/arm64/kernel/signal.c @@ -79,6 +79,9 @@ static int restore_fpsimd_context(struct fpsimd_context __user *ctx) if (magic != FPSIMD_MAGIC || size != sizeof(struct fpsimd_context)) return -EINVAL; + /* Ensure we don't reload stale data from the hardware registers */ + set_ti_thread_flag(current_thread_info(), TIF_FOREIGN_FPSTATE); + /* copy the FP and status/control registers */ err = __copy_from_user(fpsimd.vregs, ctx->vregs, sizeof(fpsimd.vregs)); diff --git a/arch/arm64/kernel/signal32.c b/arch/arm64/kernel/signal32.c index 948f0ad2de23..ae46ffad5aea 100644 --- a/arch/arm64/kernel/signal32.c +++ b/arch/arm64/kernel/signal32.c 
@@ -273,6 +273,8 @@ static int compat_restore_vfp_context(struct compat_vfp_sigframe __user *frame) if (magic != VFP_MAGIC || size != VFP_STORAGE_SIZE) return -EINVAL; + set_ti_thread_flag(current_thread_info(), TIF_FOREIGN_FPSTATE); + /* * Copy the FP registers into the start of the fpsimd_state. * FIXME: Won't work if big endian.
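Review bot: in the signal.c hunk (restore_fpsimd_context), TIF_FOREIGN_FPSTATE is set before `err = __copy_from_user(fpsimd.vregs, ctx->vregs, ...)`, so the flag stays set even when that copy reports an error, and the hunk does not say whether that is intended. Either document in the new comment that leaving the flag set on the error path is acceptable, or move the set_ti_thread_flag() call down to the point where the task_struct is actually written. The copy shown targets `fpsimd.vregs`; if that is a staging copy rather than current's task_struct, the window the commit message describes opens later than this line. Since the bracketed note in the commit message says the preempt_{enable,disable} calls were removed, the comment is also the right place to state why setting the flag alone is sufficient without them.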
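Review bot: in the signal32.c hunk (compat_restore_vfp_context), the added set_ti_thread_flag() line has no comment, while the identical call in signal.c carries "Ensure we don't reload stale data from the hardware registers". Please add the same comment here so the compat path documents why the flag is set before the copy. The same question about the flag remaining set if a later user copy fails applies to this function as well.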