leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8205d5d98e
linux/arch/powerpc/kernel
History
Gustavo Romero 8205d5d98e powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction 
When we take an FP unavailable exception in a transaction we have to
account for the hardware FP TM checkpointed registers being
incorrect. In this case for this process we know the current and
checkpointed FP registers must be the same (since FP wasn't used
inside the transaction) hence in the thread_struct we copy the current
FP registers to the checkpointed ones.

This copy is done in tm_reclaim_thread(). We use thread->ckpt_regs.msr
to determine if FP was on when in userspace. thread->ckpt_regs.msr
represents the state of the MSR when exiting userspace. This is setup
by check_if_tm_restore_required().

Unfortunatley there is an optimisation in giveup_all() which returns
early if tsk->thread.regs->msr (via local variable `usermsr`) has
FP=VEC=VSX=SPE=0. This optimisation means that
check_if_tm_restore_required() is not called and hence
thread->ckpt_regs.msr is not updated and will contain an old value.

This can happen if due to load_fp=255 we start a userspace process
with MSR FP=1 and then we are context switched out. In this case
thread->ckpt_regs.msr will contain FP=1. If that same process is then
context switched in and load_fp overflows, MSR will have FP=0. If that
process now enters a transaction and does an FP instruction, the FP
unavailable will not update thread->ckpt_regs.msr (the bug) and MSR
FP=1 will be retained in thread->ckpt_regs.msr.  tm_reclaim_thread()
will then not perform the required memcpy and the checkpointed FP regs
in the thread struct will contain the wrong values.

The code path for this happening is:

       Userspace:                      Kernel
                   Start userspace
                    with MSR FP/VEC/VSX/SPE=0 TM=1
                      < -----
       ...
       tbegin
       bne
       fp instruction
                   FP unavailable
                       ---- >
                                        fp_unavailable_tm()
					  tm_reclaim_current()
					    tm_reclaim_thread()
					      giveup_all()
					        return early since FP/VMX/VSX=0
						/* ckpt MSR not updated (Incorrect) */
					      tm_reclaim()
					        /* thread_struct ckpt FP regs contain junk (OK) */
                                              /* Sees ckpt MSR FP=1 (Incorrect) */
					      no memcpy() performed
					        /* thread_struct ckpt FP regs not fixed (Incorrect) */
					  tm_recheckpoint()
					     /* Put junk in hardware checkpoint FP regs */
                                         ....
                      < -----
                   Return to userspace
                     with MSR TM=1 FP=1
                     with junk in the FP TM checkpoint
       TM rollback
       reads FP junk

This is a data integrity problem for the current process as the FP
registers are corrupted. It's also a security problem as the FP
registers from one process may be leaked to another.

This patch moves up check_if_tm_restore_required() in giveup_all() to
ensure thread->ckpt_regs.msr is updated correctly.

A simple testcase to replicate this will be posted to
tools/testing/selftests/powerpc/tm/tm-poison.c

Similarly for VMX.

This fixes CVE-2019-15030.

Fixes: f48e91e87e ("powerpc/tm: Fix FP and VMX register corruption")
Cc: stable@vger.kernel.org # 4.12+
Signed-off-by: Gustavo Romero <gromero@linux.vnet.ibm.com>
Signed-off-by: Michael Neuling <mikey@neuling.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20190904045529.23002-1-gromero@linux.vnet.ibm.com
2019-09-04 22:31:13 +10:00
..
syscalls powerpc: Wire up clone3 syscall 2019-07-29 09:34:27 +10:00
trace powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
vdso32 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
vdso64 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
.gitignore
align.c powerpc/spe: Mark expected switch fall-throughs 2019-07-31 00:19:34 +10:00
asm-offsets.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
audit.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
btext.c powerpc: Rework btext_find_display to use of_stdout and device_type helpers 2018-11-26 22:33:37 +11:00
cacheinfo.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
cacheinfo.h powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild 2019-06-15 16:52:06 +10:00
compat_audit.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
cpu_setup_6xx.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cpu_setup_44x.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cpu_setup_fsl_booke.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cpu_setup_pa6t.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 333 2019-06-05 17:37:06 +02:00
cpu_setup_power.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cpu_setup_ppc970.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cputable.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
crash_dump.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crash.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
dawr.c powerpc: Fix compile issue with force DAWR 2019-07-03 15:19:35 +10:00
dbell.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
dma-common.c powerpc/dma: Fix invalid DMA mmap behavior 2019-07-19 21:29:49 +10:00
dma-iommu.c powerpc/pseries/dma: Allow SWIOTLB 2019-07-03 15:19:35 +10:00
dma-mask.c dma-mapping, powerpc: simplify the arch dma_set_mask override 2019-02-18 22:41:03 +11:00
dma-swiotlb.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
dt_cpu_ftrs.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 191 2019-05-30 11:29:21 -07:00
early_32.c powerpc/32: use memset() instead of memset_io() to zero BSS 2019-05-03 01:20:26 +10:00
eeh_cache.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
eeh_dev.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
eeh_driver.c powerpc/eeh: Improve recovery of passed-through devices 2019-02-05 11:55:44 +11:00
eeh_event.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
eeh_pe.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
eeh_sysfs.c powerpc/eeh: Add include_passed to eeh_pe_state_clear() 2019-02-05 11:55:43 +11:00
eeh.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
entry_32.S powerpc: Wire up clone3 syscall 2019-07-29 09:34:27 +10:00
entry_64.S powerpc: Wire up clone3 syscall 2019-07-29 09:34:27 +10:00
epapr_hcalls.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
epapr_paravirt.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 266 2019-06-05 17:30:28 +02:00
exceptions-64e.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
exceptions-64s.S docs: powerpc: convert docs to ReST and rename to *.rst 2019-07-17 06:57:51 -03:00
fadump.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
firmware.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
fpu.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
fsl_booke_entry_mapping.S License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
head_8xx.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
head_32.h powerpc/32: implement fast entry for syscalls on non BOOKE 2019-05-03 01:20:27 +10:00
head_32.S powerpc fixes for 5.2 #5 2019-06-22 09:09:42 -07:00
head_40x.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
head_44x.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
head_64.S powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
head_booke.h powerpc/32: fix build failure on book3e with KVM 2019-06-16 00:03:38 +10:00
head_fsl_booke.S powerpc fixes for 5.2 #5 2019-06-22 09:09:42 -07:00
hw_breakpoint.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
idle_6xx.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
idle_book3e.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
idle_book3s.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
idle_e500.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
idle_power4.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
idle.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ima_kexec.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
io-workarounds.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
io.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
iomap.c powerpc: iomap.c: introduce io{read|write}64_{lo_hi|hi_lo} 2018-04-05 14:59:26 +10:00
iommu.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
irq.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
isa-bridge.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
jump_label.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
kexec_elf_64.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 285 2019-06-05 17:36:37 +02:00
kgdb.c powerpc: Activate CONFIG_THREAD_INFO_IN_TASK 2019-02-23 22:31:40 +11:00
kprobes-ftrace.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
kprobes.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
kvm_emul.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 266 2019-06-05 17:30:28 +02:00
kvm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 266 2019-06-05 17:30:28 +02:00
l2cr_6xx.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
legacy_serial.c powerpc: Use of_node_name_eq for node name comparisons 2018-12-22 21:29:50 +11:00
machine_kexec_32.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
machine_kexec_64.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
machine_kexec_file_64.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 285 2019-06-05 17:36:37 +02:00
machine_kexec.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
Makefile powerpc/dma: Fix invalid DMA mmap behavior 2019-07-19 21:29:49 +10:00
mce_power.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
mce.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
misc_32.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
misc_64.S powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
misc.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
module_32.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
module_64.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
module.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
module.lds powerpc/modules: Fix alignment of .toc section in kernel modules 2017-12-11 13:03:35 +11:00
msi.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
nvram_64.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
of_platform.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
optprobes_head.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
optprobes.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
paca.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
pci_32.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
pci_64.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
pci_dn.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
pci_of_scan.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
pci-common.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
pci-hotplug.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
pmc.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ppc32.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ppc_save_regs.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
proc_powerpc.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
process.c powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction 2019-09-04 22:31:13 +10:00
prom_init_check.sh powerpc fixes for 5.2 #4 2019-06-15 07:29:32 -10:00
prom_init.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
prom_parse.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
prom.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ptrace32.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
ptrace.c ptrace: move clearing of TIF_SYSCALL_EMU flag to core 2019-06-05 17:51:17 +01:00
reloc_32.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
reloc_64.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
rtas_flash.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
rtas_pci.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
rtas-proc.c powerpc updates for 4.18 2018-06-07 10:23:33 -07:00
rtas-rtc.c powerpc: use time64_t in read_persistent_clock 2018-06-03 20:43:33 +10:00
rtas.c powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
rtasd.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
security.c powerpc updates for 5.2 2019-05-10 05:29:27 -07:00
setup_32.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
setup_64.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
setup-common.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
setup.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
signal_32.c powerpc/tm: Fix oops on sigreturn on systems without TM 2019-07-22 13:05:23 +10:00
signal_64.c powerpc/tm: Fix oops on sigreturn on systems without TM 2019-07-22 13:05:23 +10:00
signal.c Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
signal.h powerpc/syscalls: signal_{32, 64} - switch to SYSCALL_DEFINE 2018-05-10 23:25:13 +10:00
smp-tbsync.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
smp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
stacktrace.c powerpc: Remove export of save_stack_trace_tsk_reliable() 2019-03-02 14:43:05 +11:00
suspend.c PM: hibernate: powerpc: Expose pfn_is_nosave() prototype 2019-06-14 10:48:56 +02:00
swsusp_32.S powerpc/32s: fix suspend/resume when IBATs 4-7 are used 2019-06-19 20:05:07 +10:00
swsusp_64.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 505 2019-06-19 17:11:22 +02:00
swsusp_asm64.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 505 2019-06-19 17:11:22 +02:00
swsusp_booke.S License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
swsusp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sys_ppc32.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
syscalls.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sysfs.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
systbl_chk.sh treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
systbl.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tau_6xx.c powerpc/tau: Make some function static 2018-05-25 12:04:44 +10:00
time.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tm.S powerpc/tm: update comment about interrupt re-entrancy 2019-07-02 21:39:49 +10:00
traps.c Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2019-07-08 21:48:15 -07:00
udbg_16550.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
udbg.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
uprobes.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
vdso.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
vecemu.c powerpc: Add a missing include header 2018-05-25 12:04:46 +10:00
vector.S powerpc/64: Don't trace code that runs with the soft irq mask unreconciled 2019-05-03 01:58:11 +10:00
vmlinux.lds.S powerpc/kconfig: define CONFIG_DATA_SHIFT and CONFIG_ETEXT_SHIFT 2019-02-23 21:04:32 +11:00
watchdog.c powerpc/watchdog: Use hrtimers for per-CPU heartbeat 2019-04-30 11:31:02 +10:00