From nobody Sun Feb 8 14:57:25 2026 Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D654B1D1F63 for ; Tue, 19 Nov 2024 17:45:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.165.32 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732038341; cv=none; b=JxhEJVJDPgdO5wAoN+YF243IlTb0ooM+9A02/wDYUnCMiMbdHeDRNiSLZcIYCqtC2/LCD/BzavqfOdw2Kh5x72F3WEnkdLVwXG4xOK0fCBJHyr0B83BG6c21PZpP0J4NGCUJTw7vwTkmnriLKPnOiGQUggKaJbOpQa0zEr9LYDA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732038341; c=relaxed/simple; bh=eU/qyfu9SYbhbKY0LDgYJfXweCqyIQQ30wNZkpEqKZ0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=lnX3zcfh+AsC/ew5qPNCIqbqgWnnl1C1Lf6BFLOheGyfI3AlP0DJQ+5cwWyoDbGpJorvM5EbWyFrxUZW5ImXp71JOY+qk7u5b6EGBxhLUUHD69+uFL9hNZYY5o1IC1jpNw/uYUX5GpXEB8hIdZJRsAXzSyrgFyCHr9FmCsH+ejg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oracle.com; spf=pass smtp.mailfrom=oracle.com; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b=ohcQ2O70; arc=none smtp.client-ip=205.220.165.32 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oracle.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oracle.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b="ohcQ2O70" Received: from pps.filterd (m0333521.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 4AJHBeaP027702; Tue, 19 Nov 2024 17:45:24 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=corp-2023-11-20; bh=qVFSs YtpSN+8HQMiFEXULeflm09g1nM0CNxUcxumWoM=; b=ohcQ2O70+bPvlrt0VTPjT uhYY9DOjwtaxgpA3DPSoOtRveq587leXwBTv/gBCSpTqHCaL9N5CGvq9pAHWrHqf wGJRgnwFXMTK3+fvMGcgvZNPBWgsoW75TS2H/WBRP1zNHm7NqS1HXOYJ8q0u97KK ahpdh48xzfdFZh5uxAGEzVeKfJWb7ZcymPLejR/Y7wBni9SuZY3JI+2e1Q+fK8UP 0k+QbnJ5MJiA9vmIXhhvKezoGuu2Cb3RKM/adJGj2M1H2JG4GOPMLP0IqVLYT+/W jmJTV+Bzcwy0FvQqwz31uxSmVPBfshlZBRX6KXdFFzlvR/jLzhG8UQM/zN9O36fY g== Received: from iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta01.appoci.oracle.com [130.35.100.223]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 42xjaa5kqs-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 19 Nov 2024 17:45:23 +0000 (GMT) Received: from pps.filterd (iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (8.18.1.2/8.18.1.2) with ESMTP id 4AJHYSdm023193; Tue, 19 Nov 2024 17:45:22 GMT Received: from pps.reinject (localhost [127.0.0.1]) by iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTPS id 42xhu99djb-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 19 Nov 2024 17:45:22 +0000 Received: from iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 4AJHfRnb008507; Tue, 19 Nov 2024 17:45:21 GMT Received: from aruramak-dev.osdevelopmeniad.oraclevcn.com (aruramak-dev.allregionaliads.osdevelopmeniad.oraclevcn.com [100.100.253.155]) by iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTP id 42xhu99dh7-2; Tue, 19 Nov 2024 17:45:21 +0000 From: Aruna Ramakrishna To: linux-kernel@vger.kernel.org Cc: x86@kernel.org, dave.hansen@linux.intel.com, tglx@linutronix.de, mingo@kernel.org, rudi.horn@oracle.com, joe.jin@oracle.com, aruna.ramakrishna@oracle.com Subject: [PATCH v3 1/2] x86/pkeys: Change caller of update_pkru_in_sigframe() Date: Tue, 19 Nov 2024 17:45:19 +0000 Message-ID: <20241119174520.3987538-2-aruna.ramakrishna@oracle.com> X-Mailer: git-send-email 2.43.5 In-Reply-To: <20241119174520.3987538-1-aruna.ramakrishna@oracle.com> References: <20241119174520.3987538-1-aruna.ramakrishna@oracle.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1057,Hydra:6.0.680,FMLib:17.12.62.30 definitions=2024-11-19_09,2024-11-18_01,2024-09-30_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0 bulkscore=0 suspectscore=0 phishscore=0 spamscore=0 mlxscore=0 malwarescore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2409260000 definitions=main-2411190132 X-Proofpoint-ORIG-GUID: wsEtDh-aey2T6ZdNR_TITYoQrgE8bjfO X-Proofpoint-GUID: wsEtDh-aey2T6ZdNR_TITYoQrgE8bjfO Content-Type: text/plain; charset="utf-8" The commit 70044df250d0 ("x86/pkeys: Update PKRU to enable all pkeys before XSAVE") enables all pkeys before XSAVE to allow writing data to the sigaltstack (i.e. it does a wrpkru(0)). However, when PKRU is set to 0, it has the side effect of setting XINUSE[PKRU] to 0 on AMD systems, but not on Intel - this in turn sets XSTATE_BV[PKRU] to 0. XRSTOR will not restore the component i from the XSAVE area if XSTATE_BV[i] is 0 - effectively ignoring the value of PKRU updated on the sigframe by update_pkru_in_sigframe(). This means that PKRU stays at 0 when control is returned back to the user after signal handling, which is unexpected. To fix this, and to ensure that PKRU is always restored correctly from the XSAVE data on both Intel and AMD systems, explicitly set XSTATE_BV[PKRU] to 1. This change is split into 2 patches - the first one merely changes the caller of update_pkru_in_sigframe(), but the behavior remains the same. The next patch will update the XSTATE_BV bit for PKRU. No functional changes. Signed-off-by: Aruna Ramakrishna --- arch/x86/kernel/fpu/signal.c | 20 ++------------------ arch/x86/kernel/fpu/xstate.h | 15 ++++++++++++++- 2 files changed, 16 insertions(+), 19 deletions(-) diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c index 1065ab995305..8f62e0666dea 100644 --- a/arch/x86/kernel/fpu/signal.c +++ b/arch/x86/kernel/fpu/signal.c @@ -63,16 +63,6 @@ static inline bool check_xstate_in_sigframe(struct fxreg= s_state __user *fxbuf, return true; } =20 -/* - * Update the value of PKRU register that was already pushed onto the sign= al frame. - */ -static inline int update_pkru_in_sigframe(struct xregs_state __user *buf, = u32 pkru) -{ - if (unlikely(!cpu_feature_enabled(X86_FEATURE_OSPKE))) - return 0; - return __put_user(pkru, (unsigned int __user *)get_xsave_addr_user(buf, X= FEATURE_PKRU)); -} - /* * Signal frame handlers. */ @@ -168,14 +158,8 @@ static inline bool save_xstate_epilog(void __user *buf= , int ia32_frame, =20 static inline int copy_fpregs_to_sigframe(struct xregs_state __user *buf, = u32 pkru) { - int err =3D 0; - - if (use_xsave()) { - err =3D xsave_to_user_sigframe(buf); - if (!err) - err =3D update_pkru_in_sigframe(buf, pkru); - return err; - } + if (use_xsave()) + return xsave_to_user_sigframe(buf, pkru); =20 if (use_fxsr()) return fxsave_to_user_sigframe((struct fxregs_state __user *) buf); diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h index 0b86a5002c84..6b2924fbe5b8 100644 --- a/arch/x86/kernel/fpu/xstate.h +++ b/arch/x86/kernel/fpu/xstate.h @@ -69,6 +69,16 @@ static inline u64 xfeatures_mask_independent(void) return fpu_kernel_cfg.independent_features; } =20 +/* + * Update the value of PKRU register that was already pushed onto the sign= al frame. + */ +static inline int update_pkru_in_sigframe(struct xregs_state __user *buf, = u32 pkru) +{ + if (unlikely(!cpu_feature_enabled(X86_FEATURE_OSPKE))) + return 0; + return __put_user(pkru, (unsigned int __user *)get_xsave_addr_user(buf, X= FEATURE_PKRU)); +} + /* XSAVE/XRSTOR wrapper functions */ =20 #ifdef CONFIG_X86_64 @@ -256,7 +266,7 @@ static inline u64 xfeatures_need_sigframe_write(void) * The caller has to zero buf::header before calling this because XSAVE* * does not touch the reserved fields in the header. */ -static inline int xsave_to_user_sigframe(struct xregs_state __user *buf) +static inline int xsave_to_user_sigframe(struct xregs_state __user *buf, u= 32 pkru) { /* * Include the features which are not xsaved/rstored by the kernel @@ -281,6 +291,9 @@ static inline int xsave_to_user_sigframe(struct xregs_s= tate __user *buf) XSTATE_OP(XSAVE, buf, lmask, hmask, err); clac(); =20 + if (!err) + err =3D update_pkru_in_sigframe(buf, pkru); + return err; } =20 --=20 2.43.5 From nobody Sun Feb 8 14:57:25 2026 Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D64FD1D1F44 for ; Tue, 19 Nov 2024 17:45:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.165.32 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732038341; cv=none; b=Ic/AaYAzrElvffwdDxA7/qPp/dp0kZon0Y+NyOJg5Ao4w0Bo+IdBG1ymtPTVoh8gR21FkMJa+fe09s7OJ+UogSl7EdbgJ55iWTHlLTa/brpzkM5incnsTpmvTQq4VnZ4sVdAPjETmOx+IOoalDPdH+wX0LdDZdexC5YG+fIlWMg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732038341; c=relaxed/simple; bh=ARZC07e2VA7V52AR6e6Yzy7xH9dv/4TYd1Swx9rjPDY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=rlsW6fhV0rNIQAHUlQlzqeDW1TgQo+kA/s+MQD7PsiWhWNjsCMqQ79Qfxo/+FOXd3K70QQryoAUDds8gmm2JxMuAPdHi9alhkjuXLRhb7wOtEcImohwwlY7I4QkC7ky1WE+WW3UxQkpzn/e21efHLXWng/PvCn2gb4Tar+J6sMU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oracle.com; spf=pass smtp.mailfrom=oracle.com; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b=ARrTl3S2; arc=none smtp.client-ip=205.220.165.32 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oracle.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oracle.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b="ARrTl3S2" Received: from pps.filterd (m0246627.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 4AJHBjU7011388; Tue, 19 Nov 2024 17:45:24 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=corp-2023-11-20; bh=oCfH9 2pQ9Va7b0K62RUYg0DlgYPYNRosAahDiewCId8=; b=ARrTl3S2y6tzqAjsc7kzi mSrS9+SsatXH2u2pUc8kPbEljzMYZQpGW6PLyvOdg9avikFFFlLtyq9SBJ6YStdI 9guMIHkx8vbyTf2BJnMxrjShv7YZeLWnNGoKhmODj+1lDa443c9O2p9YW78P7L9f HwrH/4VwHKZYGyllwkJ4lrgCjERbCa8FLwmHM/U6v893K6+olWnjYG2xPmyflDa0 Pi/NZY/+/qSdr3cWOachUc8wUXeIVK07qhwcfKTdaKi5zMgwULo2ZayZQbS7paZB oOE6ZwMWj/HLJTFlb8d92ykOI8eTD7Jw3S8trBipCow1M1haKVwv6y3crF5BquPe Q== Received: from iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta01.appoci.oracle.com [130.35.100.223]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 42xhyydk46-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 19 Nov 2024 17:45:24 +0000 (GMT) Received: from pps.filterd (iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (8.18.1.2/8.18.1.2) with ESMTP id 4AJHIDkP023119; Tue, 19 Nov 2024 17:45:22 GMT Received: from pps.reinject (localhost [127.0.0.1]) by iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTPS id 42xhu99djn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 19 Nov 2024 17:45:22 +0000 Received: from iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 4AJHfRnd008507; Tue, 19 Nov 2024 17:45:22 GMT Received: from aruramak-dev.osdevelopmeniad.oraclevcn.com (aruramak-dev.allregionaliads.osdevelopmeniad.oraclevcn.com [100.100.253.155]) by iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTP id 42xhu99dh7-3; Tue, 19 Nov 2024 17:45:22 +0000 From: Aruna Ramakrishna To: linux-kernel@vger.kernel.org Cc: x86@kernel.org, dave.hansen@linux.intel.com, tglx@linutronix.de, mingo@kernel.org, rudi.horn@oracle.com, joe.jin@oracle.com, aruna.ramakrishna@oracle.com Subject: [PATCH v3 2/2] x86/pkeys: Set XSTATE_BV[PKRU] to 1 so that PKRU is XRSTOR'd correctly Date: Tue, 19 Nov 2024 17:45:20 +0000 Message-ID: <20241119174520.3987538-3-aruna.ramakrishna@oracle.com> X-Mailer: git-send-email 2.43.5 In-Reply-To: <20241119174520.3987538-1-aruna.ramakrishna@oracle.com> References: <20241119174520.3987538-1-aruna.ramakrishna@oracle.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1057,Hydra:6.0.680,FMLib:17.12.62.30 definitions=2024-11-19_09,2024-11-18_01,2024-09-30_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0 bulkscore=0 suspectscore=0 phishscore=0 spamscore=0 mlxscore=0 malwarescore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2409260000 definitions=main-2411190132 X-Proofpoint-ORIG-GUID: efD9yKEYH-nh7erbRnLOah8AIbK0k4xD X-Proofpoint-GUID: efD9yKEYH-nh7erbRnLOah8AIbK0k4xD Content-Type: text/plain; charset="utf-8" PKRU value is not XRSTOR'd from the XSAVE area if the corresponding XSTATE_BV[i] bit is 0. A wrpkru(0) sets XSTATE_BV[PKRU] to 0 on AMD systems, which means the PKRU value updated on the sigframe later on, in update_pkru_in_sigframe(), is ignored. To make this behavior consistent across Intel and AMD systems, and to ensure that the PKRU value updated on the sigframe is always restored correctly, explicitly set XSTATE_BV[PKRU] to 1. Fixes: 70044df250d0 ("x86/pkeys: Update PKRU to enable all pkeys before XSA= VE") Signed-off-by: Aruna Ramakrishna Suggested-by: Rudi Horn Acked-by: Dave Hansen --- arch/x86/kernel/fpu/xstate.h | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h index 6b2924fbe5b8..aa16f1a1bbcf 100644 --- a/arch/x86/kernel/fpu/xstate.h +++ b/arch/x86/kernel/fpu/xstate.h @@ -72,10 +72,22 @@ static inline u64 xfeatures_mask_independent(void) /* * Update the value of PKRU register that was already pushed onto the sign= al frame. */ -static inline int update_pkru_in_sigframe(struct xregs_state __user *buf, = u32 pkru) +static inline int update_pkru_in_sigframe(struct xregs_state __user *buf, = u64 mask, u32 pkru) { + u64 xstate_bv; + int err; + if (unlikely(!cpu_feature_enabled(X86_FEATURE_OSPKE))) return 0; + + /* Mark PKRU as in-use so that it is restored correctly. */ + xstate_bv =3D (mask & xfeatures_in_use()) | XFEATURE_MASK_PKRU; + + err =3D __put_user(xstate_bv, &buf->header.xfeatures); + if (err) + return err; + + /* Update PKRU value in the userspace xsave buffer. */ return __put_user(pkru, (unsigned int __user *)get_xsave_addr_user(buf, X= FEATURE_PKRU)); } =20 @@ -292,7 +304,7 @@ static inline int xsave_to_user_sigframe(struct xregs_s= tate __user *buf, u32 pkr clac(); =20 if (!err) - err =3D update_pkru_in_sigframe(buf, pkru); + err =3D update_pkru_in_sigframe(buf, mask, pkru); =20 return err; } --=20 2.43.5