mirror-linux/arch/x86/kernel
Andrei Vagin 44eeff9bc4 Revert "x86/fpu: Refine and simplify the magic number check during signal return"
This reverts

  dc8aa31a7a ("x86/fpu: Refine and simplify the magic number check during signal return").

The aforementioned commit broke applications that construct signal frames in
userspace (such as CRIU and gVisor) if the frame's xstate size is smaller than
the kernel's fpstate->user_size.

Furthermore, this introduces a critical issue for checkpoint/restore tools
like CRIU. If a process is checkpointed while inside a signal handler, its
stack contains a signal frame formatted according to the source host's xstate
capabilities.

If that process is later restored on a destination host with larger xstate
capabilities (e.g., a newer CPU with more features enabled, resulting in
a larger fpstate->user_size), the kernel will look for FP_XSTATE_MAGIC2 at the
destination host's larger user_size offset instead of the offset encoded in
the frame's fx_sw->xstate_size.

This causes the magic2 check to fail, forcing sigreturn to silently fall back
to "FX-only" mode. Upon return from the signal handler, the process's extended
state is reset to initial values instead of being restored, leading to silent
data corruption.

The aforementioned commit cited

  d877550eaf ("x86/fpu: Stop relying on userspace for info to fault in xsave buffer")

as justification to stop relying on userspace for the magic number check.

However, these two changes are fundamentally different. The last one only
changed how much memory the kernel ensures is paged-in before running XRSTOR
to prevent an infinite loop. It did not change the signal frame format or how
the layout is validated.

Reverting this change restores the use of fx_sw->xstate_size for
locating magic2 and restores the necessary sanity checks, ensuring that
the signal frame remains self-describing and portable.

  [ bp: Massage commit message. ]

Fixes: dc8aa31a7a ("x86/fpu: Refine and simplify the magic number check during signal return")
Signed-off-by: Andrei Vagin <avagin@google.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Chang S. Bae <chang.seok.bae@intel.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/all/20260429000623.3356606-1-avagin@google.com
2026-05-29 15:05:30 -07:00
acpi Revert "ACPI: CPPC: Adjust debug messages in amd_set_max_freq_ratio() to warn" 2026-05-08 21:14:19 +02:00
apic Miscellaneous x86 cleanups for v7.1: 2026-04-14 14:03:27 -07:00
cpu x86/microcode: Do not access MSR_IA32_PLATFORM_ID when running as a guest 2026-05-26 13:36:23 -07:00
fpu Revert "x86/fpu: Refine and simplify the magic number check during signal return" 2026-05-29 15:05:30 -07:00
kprobes Performance events changes for v6.19: 2025-12-01 20:42:01 -08:00
.gitignore
Makefile x86/kexec: Disable KCOV instrumentation after load_segments() 2026-03-30 14:15:25 +02:00
alternative.c x86/alternative: delay freeing of smp_locks section 2026-04-03 17:38:34 +03:00
amd_gart_64.c dma-mapping updates for Linux 6.19: 2025-12-06 09:25:05 -08:00
amd_nb.c Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
amd_node.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
aperture_64.c x86/platform/amd: Move the <asm/amd_nb.h> header to <asm/amd/nb.h> 2025-04-14 09:34:14 +02:00
apm_32.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
asm-offsets.c x86/entry/vdso32: Remove open-coded DWARF in sigreturn.S 2026-01-13 16:37:58 -08:00
asm-offsets_32.c x86/asm-offsets: Export certain 'struct cpuinfo_x86' fields for 64-bit asm use too 2025-05-15 09:12:07 +02:00
asm-offsets_64.c x86/stackprotector/64: Convert to normal per-CPU variable 2025-02-18 10:15:09 +01:00
audit_64.c
bootflag.c x86/bootflag: Replace open-coded parity calculation with parity8() 2025-02-27 14:00:30 +01:00
callthunks.c x86/paravirt: Remove not needed includes of paravirt.h 2026-01-12 11:26:52 +01:00
cet.c x86/msr: Add explicit includes of <asm/msr.h> 2025-05-02 10:23:47 +02:00
cfi.c x86/traps: Clarify KCFI instruction layout 2025-09-04 21:59:07 +02:00
check.c
cpuid.c
crash.c KVM: x86: Move bulk of emergency virtualizaton logic to virt subsystem 2026-03-04 08:52:49 -08:00
crash_dump_32.c
crash_dump_64.c
devicetree.c x86/of: Don't use DTB for SMP setup if ACPI is enabled 2025-02-25 22:13:02 +01:00
doublefault_32.c
dumpstack.c x86/dumpstack: Prevent KASAN false positive warnings in __show_regs() 2025-10-29 13:07:21 +01:00
dumpstack_32.c x86/irq: Move irq stacks to percpu hot section 2025-03-04 20:30:33 +01:00
dumpstack_64.c x86/irq: Move irq stacks to percpu hot section 2025-03-04 20:30:33 +01:00
e820.c x86/boot/e820: Re-enable BIOS fallback if e820 table is empty 2026-05-07 10:04:54 +02:00
early-quirks.c drm/intel/pciids: rename i915_pciids.h to just pciids.h 2024-10-29 16:14:04 +02:00
early_printk.c Linux 6.15-rc4 2025-05-06 12:03:03 +02:00
ebda.c
eisa.c x86/EISA: Dereference memory directly instead of using readl() 2024-08-29 15:57:09 +02:00
espfix_64.c x86/fred: No ESPFIX needed when FRED is enabled 2024-01-31 22:01:51 +01:00
fred.c x86/fred: Remove kernel log message when initializing exceptions 2026-03-27 16:38:24 +01:00
ftrace.c x86/ftrace: Relocate %rip-relative percpu refs in dynamic trampolines 2026-05-27 15:23:37 -07:00
ftrace_32.S fgraph: Replace fgraph_ret_regs with ftrace_regs 2024-12-26 10:50:02 -05:00
ftrace_64.S x86/fgraph: Fix return_to_handler regs.rsp value 2026-01-30 13:40:08 -08:00
head32.c x86/microcode: Consolidate the loader enablement checking 2025-05-05 10:51:00 +02:00
head64.c x86/boot: Create a confined code area for startup code 2025-09-03 18:00:01 +02:00
head_32.S arch, mm: consolidate empty_zero_page 2026-04-05 13:53:01 -07:00
head_64.S arch, mm: consolidate empty_zero_page 2026-04-05 13:53:01 -07:00
hpet.c clocksource: Rewrite watchdog code completely 2026-03-20 13:36:32 +01:00
hw_breakpoint.c x86: Restrict KVM-induced symbol exports to KVM modules where obvious/possible 2025-11-12 15:29:38 -08:00
i8237.c syscore: Pass context data to callbacks 2025-11-14 10:01:52 +01:00
i8253.c x86/i8253: Call clockevent_i8253_disable() with interrupts disabled 2025-04-11 07:28:20 +02:00
i8259.c syscore: Pass context data to callbacks 2025-11-14 10:01:52 +01:00
ibt_selftest.S
idt.c x86/kvm/vmx: Fix x86_64 CFI build 2026-05-28 11:31:50 +02:00
io_delay.c
ioport.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
irq.c Trivial cleanups for the posted MSI interrupt handling 2026-02-10 17:39:08 -08:00
irq_32.c x86/irq: Move irq stacks to percpu hot section 2025-03-04 20:30:33 +01:00
irq_64.c x86/irq: Move irq stacks to percpu hot section 2025-03-04 20:30:33 +01:00
irq_work.c
irqflags.S x86/cfi: Clean up linkage 2025-02-14 10:32:05 +01:00
irqinit.c x86/fred: Install system vector handlers even if FRED isn't fully enabled 2025-08-18 14:23:08 +02:00
itmt.c x86/itmt: Add debugfs file to show core priorities 2025-07-07 22:35:51 +02:00
jailhouse.c x86/cpuid: Rename hypervisor_cpuid_base()/for_each_possible_hypervisor_cpuid_base() to cpuid_base_hypervisor()/for_each_possible_cpuid_base_hypervisor() 2025-05-16 10:54:47 +02:00
jump_label.c x86/alternatives: Rename 'text_poke_queue()' to 'smp_text_poke_batch_add()' 2025-04-11 11:01:33 +02:00
kdebugfs.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
kexec-bzimage64.c crash_dump/dm-crypt: don't print in arch-specific code 2026-04-02 23:36:24 -07:00
kgdb.c kgdb: update outdated references to kgdb_wait() 2026-04-21 16:41:54 +01:00
ksysfs.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
kvm.c x86/paravirt: Replace io_delay() hook with a bool 2026-03-22 08:43:05 +01:00
kvmclock.c x86/paravirt: Move paravirt_sched_clock() related code into tsc.c 2026-01-12 18:47:39 +01:00
ldt.c treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
machine_kexec_32.c x86/mm: Fix _pgd_alloc() for Xen PV mode 2025-04-23 07:49:14 -07:00
machine_kexec_64.c x86/crash: Use set_memory_p() instead of __set_memory_prot() 2026-01-13 15:28:59 +01:00
mmconf-fam10h_64.c x86/msr: Rename 'wrmsrl()' to 'wrmsrq()' 2025-04-10 11:58:33 +02:00
module.c x86/module: Improve relocation error messages 2025-10-14 14:45:21 -07:00
mpparse.c x86/mpparse: Cleanup apic_printk()s 2024-08-07 18:13:28 +02:00
msr.c x86/msr: Add CPU_OUT_OF_SPEC taint name to "unrecognized" pr_warn(msg) 2025-11-05 13:14:42 +01:00
nmi.c x86/kvm/vmx: Move IRQ/NMI dispatch from KVM into x86 core 2026-05-19 20:25:51 +02:00
nmi_selftest.c x86/nmi: Clean up NMI selftest 2025-04-01 22:26:32 +02:00
paravirt-spinlocks.c x86/pvlocks: Move paravirt spinlock functions into own header 2026-01-13 14:57:45 +01:00
paravirt.c x86/paravirt: Replace io_delay() hook with a bool 2026-03-22 08:43:05 +01:00
pci-dma.c Documentation: Merge x86-specific boot options doc into kernel-parameters.txt 2024-12-10 18:25:40 +01:00
pcspeaker.c
perf_regs.c
platform-quirks.c
pmem.c
probe_roms.c x86/sev: Skip ROM range scans and validation for SEV-SNP guests 2024-03-26 15:22:35 +01:00
process.c - Make TDX and kexec work together 2025-10-04 10:01:30 -07:00
process.h
process_32.c x86/process/32: Use correct type for 'gs' variable in __show_regs() to avoid zero-extension 2026-03-31 09:50:10 +02:00
process_64.c x86/process/64: Use savesegment() in __show_regs() instead of inline asm 2026-03-31 09:50:10 +02:00
ptrace.c x86/ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names 2025-07-14 22:27:48 -07:00
pvclock.c
quirks.c x86/platform: Fix missing declaration of 'x86_apple_machine' 2025-02-27 22:52:37 +01:00
reboot.c Arm: 2026-04-17 07:18:03 -07:00
reboot_fixups_32.c x86/msr: Rename 'wrmsrl()' to 'wrmsrq()' 2025-04-10 11:58:33 +02:00
relocate_kernel_32.S x86/asm: Remove semicolon from "rep" prefixes 2025-04-18 09:33:33 +02:00
relocate_kernel_64.S x86/kexec: Push kjump return address even for non-kjump kexec 2026-05-08 17:00:12 +02:00
resource.c pcmcia: remove obsolete host controller drivers 2026-03-30 07:28:13 +02:00
rethook.c objtool: Remove newlines and tabs from annotation macros 2025-12-03 19:42:37 +01:00
rtc.c x86: rtc: Drop PNP device check 2026-02-26 18:48:43 +01:00
setup.c memblock, treewide: make memblock_free() handle late freeing 2026-04-01 11:20:15 +03:00
setup_percpu.c x86/smp: Move this_cpu_off to percpu hot section 2025-03-04 20:30:33 +01:00
sev_verify_cbit.S x86/boot: Use 32-bit XOR to clear registers 2024-03-01 12:47:37 +01:00
shstk.c x86/shstk: Prevent deadlock during shstk sigreturn 2026-04-20 22:54:24 +02:00
signal.c x86/fpu: Convert task_struct::thread.fpu accesses to use x86_task_fpu() 2025-04-14 08:18:29 +02:00
signal_32.c x86/entry/vdso: Rename vdso_image_* to vdso*_image 2026-01-13 15:33:20 -08:00
signal_64.c x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler 2025-06-09 08:50:58 -07:00
smp.c KVM: x86: Move bulk of emergency virtualizaton logic to virt subsystem 2026-03-04 08:52:49 -08:00
smpboot.c x86/topo: Fix SNC topology mess 2026-03-04 16:35:09 +01:00
stacktrace.c
static_call.c objtool: Remove newlines and tabs from annotation macros 2025-12-03 19:42:37 +01:00
step.c x86/msr: Prepare for including <linux/percpu.h> into <asm/msr.h> 2024-03-04 12:01:39 +01:00
sys_ia32.c fs: fix archiecture-specific compat_ftruncate64 2026-03-23 12:41:57 +01:00
sys_x86_64.c arch/x86: teach arch_get_unmapped_area_vmflags to handle hugetlb mappings 2024-11-06 20:11:10 -08:00
tboot.c x86/e820: Drop obsolete E820_TYPE_RESERVED_KERN and related code 2025-02-21 16:05:00 +01:00
time.c x86: stop playing stack games in profile_pc() 2024-06-28 14:27:22 -07:00
tls.c x86/tls: Clean up 'sel' variable usage in do_set_thread_area() 2026-03-31 09:50:11 +02:00
tls.h
trace.c
trace_clock.c x86/msr: Add explicit includes of <asm/msr.h> 2025-05-02 10:23:47 +02:00
traps.c x86/vsyscall: Restore vsyscall=xonly mode under LASS 2026-03-19 15:11:13 -07:00
tsc.c clocksource: Rewrite watchdog code completely 2026-03-20 13:36:32 +01:00
tsc_msr.c x86/cpu: Fix #define name for Intel CPU model 0x5A 2025-02-04 10:05:53 -08:00
tsc_sync.c x86/msr: Add explicit includes of <asm/msr.h> 2025-05-02 10:23:47 +02:00
umip.c x86/traps: Consolidate user fixups in the #GP handler 2026-03-19 15:11:13 -07:00
unwind_frame.c
unwind_guess.c
unwind_orc.c objtool/x86: Reorder ORC register numbering 2026-03-18 09:38:52 +01:00
uprobes.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
verify_cpu.S x86/cpufeatures: Generate the <asm/cpufeaturemasks.h> header based on build config 2025-03-19 11:15:11 +01:00
vm86_32.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
vmcore_info_32.c crash: split vmcoreinfo exporting code out from crash_core.c 2024-02-23 17:48:22 -08:00
vmcore_info_64.c crash: split vmcoreinfo exporting code out from crash_core.c 2024-02-23 17:48:22 -08:00
vmlinux.lds.S kbuild: Split .modinfo out from ELF_DETAILS 2026-02-26 11:50:19 -07:00
vsmp_64.c x86/paravirt: Remove not needed includes of paravirt.h 2026-01-12 11:26:52 +01:00
x86_init.c treewide: Update email address 2026-01-11 06:09:11 -10:00