Re: [PATCH 04/10] x86/fpu: Document reasoning of FX-only fallback

From: Alexander Mikhalitsyn

Date: Fri Jun 26 2026 - 10:27:11 EST


On Mon, 15 June 2026 at 21:39, Andrei Vagin <avagin@xxxxxxxxxx> wrote:
>
> Add a comment to check_xstate_in_sigframe() to explain reasoning behind
> falling back to the FX-only state when signal frame metadata is
> inconsistent.
>
> The fallback is intended to preserve backward compatibility with legacy
> user-space processes that are not aware of XSAVE states and might only
> fill or copy just the legacy FP state.
>
> This fallback is dangerous as it can trigger silent corruptions of
> user-space state by resetting extended registers if the process was
> using them but the frame metadata was malformed.
>
> XSAVE was introduced 15 years ago; we may need to consider removing this
> fallback entirely or introducing a sysctl to enable/disable it.
>
> Signed-off-by: Andrei Vagin <avagin@xxxxxxxxxx>

Reviewed-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@xxxxxxxxxxxxxx>

> ---
> arch/x86/kernel/fpu/signal.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c
> index 6a14b528ac7f..85021c5ea649 100644
> --- a/arch/x86/kernel/fpu/signal.c
> +++ b/arch/x86/kernel/fpu/signal.c
> @@ -54,6 +54,14 @@ static inline bool check_xstate_in_sigframe(struct fxregs_state __user *buf_fx,
> if (likely(magic2 == FP_XSTATE_MAGIC2))
> return true;
> err_setfx:
> + /*
> + * The fallback to FX-only state is used to preserve backward
> + * compatibility with user-space processes that are not aware of xsave
> + * states.
> + *
> + * In all other cases, returning false (to trigger SIGSEGV) is
> + * preferred to avoid silent user-space state corruption.
> + */
> trace_x86_fpu_xstate_check_failed(x86_task_fpu(current));
>
> /* Set the parameters for fx only state */
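Review bot: the new comment at `err_setfx:` says "In all other cases, returning false (to trigger SIGSEGV) is preferred", but nothing in the visible code distinguishes any cases: every failure that reaches the label falls straight through to `trace_x86_fpu_xstate_check_failed()` and then to "Set the parameters for fx only state", so the FX-only fallback is taken unconditionally and `false` is never returned here. As written, a reader can take the comment to mean the stricter behaviour is already implemented. Suggest rewording it to state that the fallback is currently applied to every metadata mismatch, that this can silently reset extended registers the process was using (as the commit message says), and that returning `false` is the intended future behaviour once legacy compatibility is no longer required or is made configurable. Minor: "xsave" in the comment should be spelled "XSAVE" to match the rest of the file and the commit message.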
> --
> 2.54.0.1189.g8c84645362-goog
>
>