Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack

[PATCH v5 00/27] Control Flow Enforcement: Shadow Stack · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 01/27] x86/cpufeatures: Add CPUIDs for Control Flow Enforcement Technology (CET) · Yu-cheng Yu <hidden> · 2018-10-11
Re: [PATCH v5 01/27] x86/cpufeatures: Add CPUIDs for Control Flow Enforcement Technology (CET) · Borislav Petkov <bp@alien8.de> · 2018-10-11
Re: [PATCH v5 01/27] x86/cpufeatures: Add CPUIDs for Control Flow Enforcement Technology (CET) · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 03/27] x86/fpu/xstate: Introduce XSAVES system states · Yu-cheng Yu <hidden> · 2018-10-11
Re: [PATCH v5 03/27] x86/fpu/xstate: Introduce XSAVES system states · Borislav Petkov <bp@alien8.de> · 2018-10-17
Re: [PATCH v5 03/27] x86/fpu/xstate: Introduce XSAVES system states · Randy Dunlap <hidden> · 2018-10-17
Re: [PATCH v5 03/27] x86/fpu/xstate: Introduce XSAVES system states · Borislav Petkov <bp@alien8.de> · 2018-10-17
Re: [PATCH v5 03/27] x86/fpu/xstate: Introduce XSAVES system states · Randy Dunlap <hidden> · 2018-10-17
Re: [PATCH v5 03/27] x86/fpu/xstate: Introduce XSAVES system states · Borislav Petkov <bp@alien8.de> · 2018-10-18
Re: [PATCH v5 03/27] x86/fpu/xstate: Introduce XSAVES system states · Pavel Machek <hidden> · 2018-10-18
Re: [PATCH v5 03/27] x86/fpu/xstate: Introduce XSAVES system states · Borislav Petkov <bp@alien8.de> · 2018-10-18
Re: [PATCH v5 03/27] x86/fpu/xstate: Introduce XSAVES system states · Randy Dunlap <hidden> · 2018-10-18
Re: [PATCH v5 03/27] x86/fpu/xstate: Introduce XSAVES system states · Pavel Machek <hidden> · 2018-10-18
[PATCH v5 08/27] x86/cet/shstk: Add Kconfig option for user-mode shadow stack · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 05/27] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2018-10-11
Re: [PATCH v5 05/27] Documentation/x86: Add CET description · Borislav Petkov <bp@alien8.de> · 2018-11-13
Re: [PATCH v5 05/27] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2018-11-13
[PATCH v5 09/27] mm: Introduce VM_SHSTK for shadow stack memory · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 23/27] x86/cet/shstk: ELF header parsing of Shadow Stack · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 17/27] mm: Handle THP/HugeTLB shadow stack page fault · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 26/27] x86/cet/shstk: Add arch_prctl functions for Shadow Stack · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 27/27] x86/cet/shstk: Add Shadow Stack instructions to opcode map · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 24/27] x86/cet/shstk: Handle thread shadow stack · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 22/27] x86/cet/shstk: Signal handling for shadow stack · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 16/27] mm: Handle shadow stack page fault · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 25/27] mm/mmap: Add Shadow stack pages to memory accounting · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 20/27] x86/cet/shstk: User-mode shadow stack support · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 18/27] mm: Update can_follow_write_pte/pmd for shadow stack · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 07/27] mm/mmap: Create a guard area between VMAs · Yu-cheng Yu <hidden> · 2018-10-11
Re: [PATCH v5 07/27] mm/mmap: Create a guard area between VMAs · Jann Horn <jannh@google.com> · 2018-10-11
Re: [PATCH v5 07/27] mm/mmap: Create a guard area between VMAs · Yu-cheng Yu <hidden> · 2018-10-11
Re: [PATCH v5 07/27] mm/mmap: Create a guard area between VMAs · Andy Lutomirski <luto@amacapital.net> · 2018-10-11
Re: [PATCH v5 07/27] mm/mmap: Create a guard area between VMAs · Yu-cheng Yu <hidden> · 2018-10-12
Re: [PATCH v5 07/27] mm/mmap: Create a guard area between VMAs · Matthew Wilcox <willy@infradead.org> · 2018-10-12
Re: [PATCH v5 07/27] mm/mmap: Create a guard area between VMAs · Dave Hansen <dave.hansen@linux.intel.com> · 2018-10-11
[PATCH v5 12/27] x86/mm: Introduce _PAGE_DIRTY_SW · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 21/27] x86/cet/shstk: Introduce WRUSS instruction · Yu-cheng Yu <hidden> · 2018-10-11
Re: [PATCH v5 21/27] x86/cet/shstk: Introduce WRUSS instruction · Dave Hansen <hidden> · 2018-11-06
Re: [PATCH v5 21/27] x86/cet/shstk: Introduce WRUSS instruction · Andy Lutomirski <luto@amacapital.net> · 2018-11-06
Re: [PATCH v5 21/27] x86/cet/shstk: Introduce WRUSS instruction · Yu-cheng Yu <hidden> · 2018-11-06
[PATCH v5 19/27] mm: Introduce do_mmap_locked() · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 14/27] x86/mm: Modify ptep_set_wrprotect and pmdp_set_wrprotect for _PAGE_DIRTY_SW · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 11/27] x86/mm: Change _PAGE_DIRTY to _PAGE_DIRTY_HW · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 02/27] x86/fpu/xstate: Change names to separate XSAVES system and user states · Yu-cheng Yu <hidden> · 2018-10-11
Re: [PATCH v5 02/27] x86/fpu/xstate: Change names to separate XSAVES system and user states · Borislav Petkov <bp@alien8.de> · 2018-10-15
[PATCH v5 15/27] x86/mm: Shadow stack page fault error checking · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 13/27] drm/i915/gvt: Update _PAGE_DIRTY to _PAGE_DIRTY_BITS · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 10/27] mm/mmap: Prevent Shadow Stack VMA merges · Yu-cheng Yu <hidden> · 2018-10-11
[PATCH v5 06/27] x86/cet: Control protection exception handler · Yu-cheng Yu <hidden> · 2018-10-11
Re: [PATCH v5 06/27] x86/cet: Control protection exception handler · Borislav Petkov <bp@alien8.de> · 2018-11-14
Re: [PATCH v5 06/27] x86/cet: Control protection exception handler · Yu-cheng Yu <hidden> · 2018-11-14
Re: [PATCH v5 06/27] x86/cet: Control protection exception handler · Borislav Petkov <bp@alien8.de> · 2018-11-14
[PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Yu-cheng Yu <hidden> · 2018-10-11
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Borislav Petkov <bp@alien8.de> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Yu-cheng Yu <hidden> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Borislav Petkov <bp@alien8.de> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Pavel Machek <hidden> · 2018-11-11
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Pavel Machek <hidden> · 2018-11-11
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Andy Lutomirski <luto@amacapital.net> · 2018-11-11
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Pavel Machek <hidden> · 2018-11-11
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Andy Lutomirski <luto@amacapital.net> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Yu-cheng Yu <hidden> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Andy Lutomirski <luto@amacapital.net> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Cyrill Gorcunov <hidden> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Andy Lutomirski <luto@amacapital.net> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Cyrill Gorcunov <hidden> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Dave Hansen <hidden> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Matthew Wilcox <willy@infradead.org> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Dave Hansen <hidden> · 2018-11-08
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Matthew Wilcox <willy@infradead.org> · 2018-11-09
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Andy Lutomirski <luto@amacapital.net> · 2018-11-09
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Dave Hansen <hidden> · 2018-11-09
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Matthew Wilcox <willy@infradead.org> · 2018-11-09
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Dave Hansen <hidden> · 2018-11-09
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Dave Hansen <hidden> · 2018-11-09
Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack · Pavel Machek <hidden> · 2018-11-11
Re: [PATCH v5 00/27] Control Flow Enforcement: Shadow Stack · Dave Hansen <dave.hansen@linux.intel.com> · 2018-10-11
Re: [PATCH v5 00/27] Control Flow Enforcement: Shadow Stack · Yu-cheng Yu <hidden> · 2018-10-11

From: Borislav Petkov <bp@alien8.de>
Date: 2018-11-08 23:53:03
Also in: linux-api, linux-arch, linux-doc, linux-mm

On Thu, Nov 08, 2018 at 12:40:02PM -0800, Yu-cheng Yu wrote:

In fpu_init_system_xstate(), we test and clear features that are not enabled.
There we depend on the order of these elements.  This is the tenth "unknown
xstate feature".

Aha, those are *reserved* bits - not unused, in XCR0.

Do an s/unused/reserved/g pls.

Now let's see, you have 0 for the 10th bit which happens to be

#define X86_FEATURE_FPU                 ( 0*32+ 0) /* Onboard FPU */

too. And if we look at the code:

        for (i = 0; i < ARRAY_SIZE(xsave_cpuid_features); i++) {
                if (!boot_cpu_has(xsave_cpuid_features[i]))
                        xfeatures_mask_all &= ~BIT_ULL(i);

guess what happens if i == 10.

I know, the subsequent & SUPPORTED_XFEATURES_MASK saves you from the
#GP but that's still not good enough. The loop should not even call
boot_cpu_has() for reserved feature bits.

Thx.

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help