| Field | Value | Date |
|---|---|---|
| author | Ingo Molnar <mingo@kernel.org> | 2015-04-29 08:46:26 +0200 |
| committer | Ingo Molnar <mingo@kernel.org> | 2015-05-19 15:48:02 +0200 |
| commit | 2e85591a6ca2ad84741d2859753be5497d74bd42 (patch) | |
| tree | 4a13e18e3de89e18ccc94adbc5fa58a83c0593cb /arch | |
| parent | b1276c48e91bee869454301d3678cc49d8f57ab4 (diff) | |
x86/fpu: Better document fpu__clear() state handling
So prior to this fix:
c88d47480d30 ("x86/fpu: Always restore_xinit_state() when use_eager_cpu()")
we leaked FPU state across execve() boundaries on eagerfpu systems:
$ /host/home/mingo/dump-xmm-regs-exec
# XMM state before execve():
XMM0 : 000000000000dede
XMM1 : 000000000000dedf
XMM2 : 000000000000dee0
XMM3 : 000000000000dee1
XMM4 : 000000000000dee2
XMM5 : 000000000000dee3
XMM6 : 000000000000dee4
XMM7 : 000000000000dee5
XMM8 : 000000000000dee6
XMM9 : 000000000000dee7
XMM10: 000000000000dee8
XMM11: 000000000000dee9
XMM12: 000000000000deea
XMM13: 000000000000deeb
XMM14: 000000000000deec
XMM15: 000000000000deed
# XMM state after execve(), in the new task context:
XMM0 : 0000000000000000
XMM1 : 2f2f2f2f2f2f2f2f
XMM2 : 0000000000000000
XMM3 : 0000000000000000
XMM4 : 00000000000000ff
XMM5 : 00000000ff000000
XMM6 : 000000000000dee4
XMM7 : 000000000000dee5
XMM8 : 0000000000000000
XMM9 : 0000000000000000
XMM10: 0000000000000000
XMM11: 0000000000000000
XMM12: 0000000000000000
XMM13: 000000000000deeb
XMM14: 000000000000deec
XMM15: 000000000000deed
Better explain what this function is supposed to do and why.
Reviewed-by: Borislav Petkov <bp@alien8.de>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'arch')
-rw-r--r-- | arch/x86/kernel/fpu/core.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c index 91b9935021c4..a2e2da2b08c5 100644 --- a/arch/x86/kernel/fpu/core.c +++ b/arch/x86/kernel/fpu/core.c @@ -348,6 +348,10 @@ void fpu__restore(void) } EXPORT_SYMBOL_GPL(fpu__restore); +/* + * Called by sys_execve() to clear the FPU fpregs, so that FPU state + * of the previous binary does not leak over into the exec()ed binary: + */ void fpu__clear(struct task_struct *tsk) { struct fpu *fpu = &tsk->thread.fpu; |
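Review bot: The new comment above fpu__clear() is incomplete on the point that motivated it: it says the function is "Called by sys_execve() to clear the FPU fpregs", but the commit message shows the leak was specific to eagerfpu systems (XMM6, XMM7, XMM13-XMM15 of the previous binary survived execve() before c88d47480d30), so the comment should say that on eager-FPU systems the live register state must be reinitialized as well as the in-memory fpstate, otherwise a reader sees only the memory-clearing intent. It would also help to state whether tsk may ever be anything other than current, since the struct task_struct *tsk parameter leaves that open while the "clear the fpregs" wording only makes sense for the running task. Suggested wording: "Called by sys_execve() to clear the FPU fpregs of the current task; on eagerfpu systems this must reinitialize the live registers too, so that FPU state of the previous binary does not leak over into the exec()ed binary."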