Commit 3ea3f761 authored by Thomas Bogendoerfer's avatar Thomas Bogendoerfer Committed by Zheng Zengkai
Browse files

MIPS: kernel: Clear FPU states when setting up kernel threads 

stable inclusion
from stable-v6.6.7
commit 6d9cbae4c032451d41c262cbf8b90018af0dbda0
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I8SSQ4

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=6d9cbae4c032451d41c262cbf8b90018af0dbda0



--------------------------------

commit a58a173444a68412bb08849bd81c679395f20ca0 upstream.

io_uring sets up the io worker kernel thread via a syscall out of an
user space prrocess. This process might have used FPU and since
copy_thread() didn't clear FPU states for kernel threads a BUG()
is triggered for using FPU inside kernel. Move code around
to always clear FPU state for user and kernel threads.

Cc: stable@vger.kernel.org
Reported-by: default avatarAurelien Jarno <aurel32@debian.org>
Closes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055021


Suggested-by: default avatarJiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: default avatarJiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: default avatarThomas Bogendoerfer <tsbogend@alpha.franken.de>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent 4e61b931

arch/mips/kernel/process.c

+13 −12
Original line number Diff line number Diff line
@@ -121,6 +121,19 @@ int copy_thread(struct task_struct *p, const struct kernel_clone_args *args) 
	/*  Put the stack after the struct pt_regs.  */

	childksp = (unsigned long) childregs;

	p->thread.cp0_status = (read_c0_status() & ~(ST0_CU2|ST0_CU1)) | ST0_KERNEL_CUMASK;



	/*

	 * New tasks lose permission to use the fpu. This accelerates context

	 * switching for most programs since they don't use the fpu.

	 */

	clear_tsk_thread_flag(p, TIF_USEDFPU);

	clear_tsk_thread_flag(p, TIF_USEDMSA);

	clear_tsk_thread_flag(p, TIF_MSA_CTX_LIVE);



#ifdef CONFIG_MIPS_MT_FPAFF

	clear_tsk_thread_flag(p, TIF_FPUBOUND);

#endif /* CONFIG_MIPS_MT_FPAFF */



	if (unlikely(args->fn)) {

		/* kernel thread */

		unsigned long status = p->thread.cp0_status;
@@ -149,20 +162,8 @@ int copy_thread(struct task_struct *p, const struct kernel_clone_args *args) 
	p->thread.reg29 = (unsigned long) childregs;

	p->thread.reg31 = (unsigned long) ret_from_fork;



	/*

	 * New tasks lose permission to use the fpu. This accelerates context

	 * switching for most programs since they don't use the fpu.

	 */

	childregs->cp0_status &= ~(ST0_CU2|ST0_CU1);



	clear_tsk_thread_flag(p, TIF_USEDFPU);

	clear_tsk_thread_flag(p, TIF_USEDMSA);

	clear_tsk_thread_flag(p, TIF_MSA_CTX_LIVE);



#ifdef CONFIG_MIPS_MT_FPAFF

	clear_tsk_thread_flag(p, TIF_FPUBOUND);

#endif /* CONFIG_MIPS_MT_FPAFF */



#ifdef CONFIG_MIPS_FP_SUPPORT

	atomic_set(&p->thread.bd_emu_frame, BD_EMUFRAME_NONE);

#endif