[PATCH v3 0/10] x86/fpu: Restore and reinforce signal frame portability

[Andrei Vagin]

The x86 signal frame is designed to be self-describing. The xstate_size
field in the software-reserved bytes indicates the actual size of the
xstate context and is used by the kernel to locate the FP_XSTATE_MAGIC2
marker during signal return.

This design is required to provide portability of signal frames across
different machines. For example, a process checkpointed on a system with
fewer xstate features and restored on a system with more features will
have a signal frame on its stack that is smaller than the destination
host's default. By relying on the frame's internal xstate_size, the
kernel can correctly validate and restore such frames.

This series restores and improves signal frame portability. The goal is
to allow process migration across CPUs with heterogeneous FPU
capabilities, as long as the process only uses features supported by
both systems. This version addresses the original issues by pre-faulting
only the required size of the xstate buffer (rather than the default
task size), and includes cleanups requested by Ingo Molnar.

v3:
    - Include cleanups and refactoring of signal frame handling code
      as requested by Ingo Molnar.
    - Fix potential underflow in xstate_calculate_size()

v2:
    - Address sashiko comments.
    - 44eeff9bc467 ("Revert "x86/fpu: Refine and simplify the magic
      number check during signal return"") has been merged.

Cc: Thomas Gleixner <tglx@xxxxxxxxxx>
Cc: Ingo Molnar <mingo@xxxxxxxxxx>
Cc: Borislav Petkov <bp@xxxxxxxxx>
Cc: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
Cc: "H. Peter Anvin" <hpa@xxxxxxxxx>
Cc: "Chang S. Bae" <chang.seok.bae@xxxxxxxxx>

Andrei Vagin (10):
  x86/fpu: Document signal frame portability
  x86/fpu: Clean up and rename variables in signal frame handling
  x86/fpu: Split __fpu_restore_sig to extract compat path
  x86/fpu: Document reasoning of FX-only fallback
  x86/fpu: Fix potential underflow in xstate_calculate_size()
  selftests/x86: Add a test for signal frame FPU portability
  x86/fpu: Pre-fault only required size of xstate buffer
  selftests/x86: Add a sigframe insufficient xstate_size test
  x86/fpu: Allow restoring signal frames with larger xstate_size
  selftests/x86: Check restoring FPU state with larger xstate_size

 Documentation/arch/x86/xstate.rst             |  13 +
 arch/x86/include/uapi/asm/sigcontext.h        |  13 +
 arch/x86/kernel/fpu/signal.c                  | 141 +++++--
 arch/x86/kernel/fpu/xstate.c                  |   9 +-
 arch/x86/kernel/fpu/xstate.h                  |   2 +
 tools/testing/selftests/x86/Makefile          |   5 +-
 .../selftests/x86/sigframe_fpu_portability.c  | 345 ++++++++++++++++++
 tools/testing/selftests/x86/xstate.c          |   5 -
 tools/testing/selftests/x86/xstate.h          |  12 +
 9 files changed, 497 insertions(+), 48 deletions(-)
 create mode 100644 tools/testing/selftests/x86/sigframe_fpu_portability.c

-- 
2.54.0.1189.g8c84645362-goog