From 87b6559d0a37cd82b4b2ffe38f88c0d4ac6ee7e2 Mon Sep 17 00:00:00 2001
From: Ingo Molnar <mingo@kernel.org>
Date: Mon, 25 May 2015 11:27:46 +0200
Subject: [PATCH] x86/fpu: Improve xstate_fault() handling

There are two problems with xstate_fault handling:

 - The xstate_fault() macro takes an argument, but that's
   propagated into the assembly named label as well. This
   is technically correct currently but might result in
   failures if anytime a more complex argument is used.
   So use a separate '_err' name instead for the label.

 - All the xstate_fault() using functions have an error
   variable named 'err', which is an output variable to
   the asm() they are using. The problem is, it's not always
   set by the asm(), in which case the compiler might
   optimize out its initialization, so that the C variable
   'err' might become corrupted after the asm() - confusing
   anyone who tries to take advantage of this variable
   after the asm(). Mark it an input variable as well.

   This is a latent bug currently, but an upcoming debug
   patch will make use of 'err'.

Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 arch/x86/include/asm/fpu/internal.h | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/arch/x86/include/asm/fpu/internal.h b/arch/x86/include/asm/fpu/internal.h
index d142ecb067b8..5370500d479e 100644
--- a/arch/x86/include/asm/fpu/internal.h
+++ b/arch/x86/include/asm/fpu/internal.h
@@ -220,13 +220,13 @@ static inline void copy_fxregs_to_kernel(struct fpu *fpu)
 					\
 	".section .fixup,\"ax\"\n"	\
 					\
-	"3:  movl $-1,%[err]\n"		\
+	"3:  movl $-2,%[_err]\n"	\
 	"    jmp  2b\n"			\
 					\
 	".previous\n"			\
 					\
 	_ASM_EXTABLE(1b, 3b)		\
-	: [err] "=r" (__err)
+	: [_err] "=r" (__err)
 
 /*
  * This function is called only during boot time when x86 caps are not set
@@ -245,14 +245,14 @@ static inline int copy_xregs_to_kernel_booting(struct xregs_state *xstate)
 		asm volatile("1:"XSAVES"\n\t"
 			"2:\n\t"
 			     xstate_fault(err)
-			: "D" (xstate), "m" (*xstate), "a" (lmask), "d" (hmask)
-			:   "memory");
+			: "D" (xstate), "m" (*xstate), "a" (lmask), "d" (hmask), "0" (err)
+			: "memory");
 	else
 		asm volatile("1:"XSAVE"\n\t"
 			"2:\n\t"
 			     xstate_fault(err)
-			: "D" (xstate), "m" (*xstate), "a" (lmask), "d" (hmask)
-			:   "memory");
+			: "D" (xstate), "m" (*xstate), "a" (lmask), "d" (hmask), "0" (err)
+			: "memory");
 	return err;
 }
 
@@ -272,14 +272,14 @@ static inline int copy_kernel_to_xregs_booting(struct xregs_state *xstate, u64 m
 		asm volatile("1:"XRSTORS"\n\t"
 			"2:\n\t"
 			     xstate_fault(err)
-			: "D" (xstate), "m" (*xstate), "a" (lmask), "d" (hmask)
-			:   "memory");
+			: "D" (xstate), "m" (*xstate), "a" (lmask), "d" (hmask), "0" (err)
+			: "memory");
 	else
 		asm volatile("1:"XRSTOR"\n\t"
 			"2:\n\t"
 			     xstate_fault(err)
-			: "D" (xstate), "m" (*xstate), "a" (lmask), "d" (hmask)
-			:   "memory");
+			: "D" (xstate), "m" (*xstate), "a" (lmask), "d" (hmask), "0" (err)
+			: "memory");
 	return err;
 }
 
-- 
2.39.2