On Mon, May 31 2021 at 20:56, Thomas Gleixner wrote:
On Mon, May 31 2021 at 12:01, Thomas Gleixner wrote:

__fpu__restore_sig()

    if (!buf) {
        fpu__clear_user_states(fpu);
        return 0;
    }

and

handle_signal()

    if (!failed)
        fpu__clear_user_states(fpu);

which invoke that function unconditionally.

So we cannot warn there.
This is all wrong and everything should use copy_kernel_to_xstate() after copying the buffer from user space. But of course allocating memory there is daft.
There is also xstateregs_set() which invokes fpstate_init() on fail which means it blows away _ALL_ state including supervisor state.
Even without supervisor state this function is bonkers. If the ptracer provides a bogus data set then this just invalidates the target task's FPU state for no real good reason.
This should just use a kernel buffer. If the copy from user fails, the caller gets the EFAULT. If the header is bogus, then copy_kernel_to_xstate() returns -EINVAL and that's handed back to the caller. No reason to invalidate anything.
Thanks,
tglx
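A user-space model of the kernel-buffer-first pattern argued for above, added here as an illustration and not kernel code: the header layout mirrors the 64-byte XSAVE header, while the supported-feature mask, the task structure and the copy_from_user() stand-in are assumptions of the example.

```c
#include <stdint.h>
#include <string.h>
#include <errno.h>

/* Model of the XSAVE header: xfeatures, xcomp_bv and six reserved u64s. */
struct xstate_header {
    uint64_t xfeatures;
    uint64_t xcomp_bv;
    uint64_t reserved[6];
};
/* Stand-in for a task's saved FPU state: header plus an opaque payload. */
struct task_fpu {
    struct xstate_header hdr;
    uint8_t regs[64];
};
#define SUPPORTED_XFEATURES 0x7ULL /* assumed mask: x87 | SSE | AVX */

/* Header sanity check: only supported features, standard (non-compacted)
 * format, reserved words all zero. */
static int validate_header(const struct xstate_header *hdr)
{
    if ((hdr->xfeatures & ~SUPPORTED_XFEATURES) || hdr->xcomp_bv)
        return -EINVAL;
    for (int i = 0; i < 6; i++)
        if (hdr->reserved[i])
            return -EINVAL;
    return 0;
}

/* Model of copy_from_user(): a NULL source stands in for a faulting address. */
static int copy_from_user_model(void *dst, const void *src, size_t n)
{
    if (!src)
        return -EFAULT;
    memcpy(dst, src, n);
    return 0;
}

/* Copy into a kernel-side buffer, validate, and only then commit to the task.
 * On any failure the task's state is left untouched and the error returned. */
int restore_xstate_from_user(struct task_fpu *task, const void *ubuf)
{
    struct task_fpu tmp;
    int ret = copy_from_user_model(&tmp, ubuf, sizeof(tmp));
    if (!ret)
        ret = validate_header(&tmp.hdr);
    if (!ret)
        *task = tmp;
    return ret;
}
```

The point of the model is the negative path: a faulting copy yields -EFAULT and a bogus header yields -EINVAL, and in both cases the target's existing state survives instead of being reinitialised.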