iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support
[linux/fpc-iii.git] / arch / x86 / kernel / tls.c
blob71d3fef1edc92e7e10180a84ea36b5c81443e58c
1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/kernel.h>
3 #include <linux/errno.h>
4 #include <linux/sched.h>
5 #include <linux/user.h>
6 #include <linux/regset.h>
7 #include <linux/syscalls.h>
8 #include <linux/nospec.h>
10 #include <linux/uaccess.h>
11 #include <asm/desc.h>
12 #include <asm/ldt.h>
13 #include <asm/processor.h>
14 #include <asm/proto.h>
16 #include "tls.h"
19 * sys_alloc_thread_area: get a yet unused TLS descriptor index.
21 static int get_free_idx(void)
23 struct thread_struct *t = &current->thread;
24 int idx;
26 for (idx = 0; idx < GDT_ENTRY_TLS_ENTRIES; idx++)
27 if (desc_empty(&t->tls_array[idx]))
28 return idx + GDT_ENTRY_TLS_MIN;
29 return -ESRCH;
32 static bool tls_desc_okay(const struct user_desc *info)
35 * For historical reasons (i.e. no one ever documented how any
36 * of the segmentation APIs work), user programs can and do
37 * assume that a struct user_desc that's all zeros except for
38 * entry_number means "no segment at all". This never actually
39 * worked. In fact, up to Linux 3.19, a struct user_desc like
40 * this would create a 16-bit read-write segment with base and
41 * limit both equal to zero.
43 * That was close enough to "no segment at all" until we
44 * hardened this function to disallow 16-bit TLS segments. Fix
45 * it up by interpreting these zeroed segments the way that they
46 * were almost certainly intended to be interpreted.
48 * The correct way to ask for "no segment at all" is to specify
49 * a user_desc that satisfies LDT_empty. To keep everything
50 * working, we accept both.
52 * Note that there's a similar kludge in modify_ldt -- look at
53 * the distinction between modes 1 and 0x11.
55 if (LDT_empty(info) || LDT_zero(info))
56 return true;
59 * espfix is required for 16-bit data segments, but espfix
60 * only works for LDT segments.
62 if (!info->seg_32bit)
63 return false;
65 /* Only allow data segments in the TLS array. */
66 if (info->contents > 1)
67 return false;
70 * Non-present segments with DPL 3 present an interesting attack
71 * surface. The kernel should handle such segments correctly,
72 * but TLS is very difficult to protect in a sandbox, so prevent
73 * such segments from being created.
75 * If userspace needs to remove a TLS entry, it can still delete
76 * it outright.
78 if (info->seg_not_present)
79 return false;
81 return true;
84 static void set_tls_desc(struct task_struct *p, int idx,
85 const struct user_desc *info, int n)
87 struct thread_struct *t = &p->thread;
88 struct desc_struct *desc = &t->tls_array[idx - GDT_ENTRY_TLS_MIN];
89 int cpu;
92 * We must not get preempted while modifying the TLS.
94 cpu = get_cpu();
96 while (n-- > 0) {
97 if (LDT_empty(info) || LDT_zero(info))
98 memset(desc, 0, sizeof(*desc));
99 else
100 fill_ldt(desc, info);
101 ++info;
102 ++desc;
105 if (t == &current->thread)
106 load_TLS(t, cpu);
108 put_cpu();
112 * Set a given TLS descriptor:
114 int do_set_thread_area(struct task_struct *p, int idx,
115 struct user_desc __user *u_info,
116 int can_allocate)
118 struct user_desc info;
119 unsigned short __maybe_unused sel, modified_sel;
121 if (copy_from_user(&info, u_info, sizeof(info)))
122 return -EFAULT;
124 if (!tls_desc_okay(&info))
125 return -EINVAL;
127 if (idx == -1)
128 idx = info.entry_number;
131 * index -1 means the kernel should try to find and
132 * allocate an empty descriptor:
134 if (idx == -1 && can_allocate) {
135 idx = get_free_idx();
136 if (idx < 0)
137 return idx;
138 if (put_user(idx, &u_info->entry_number))
139 return -EFAULT;
142 if (idx < GDT_ENTRY_TLS_MIN || idx > GDT_ENTRY_TLS_MAX)
143 return -EINVAL;
145 set_tls_desc(p, idx, &info, 1);
148 * If DS, ES, FS, or GS points to the modified segment, forcibly
149 * refresh it. Only needed on x86_64 because x86_32 reloads them
150 * on return to user mode.
152 modified_sel = (idx << 3) | 3;
154 if (p == current) {
155 #ifdef CONFIG_X86_64
156 savesegment(ds, sel);
157 if (sel == modified_sel)
158 loadsegment(ds, sel);
160 savesegment(es, sel);
161 if (sel == modified_sel)
162 loadsegment(es, sel);
164 savesegment(fs, sel);
165 if (sel == modified_sel)
166 loadsegment(fs, sel);
168 savesegment(gs, sel);
169 if (sel == modified_sel)
170 load_gs_index(sel);
171 #endif
173 #ifdef CONFIG_X86_32_LAZY_GS
174 savesegment(gs, sel);
175 if (sel == modified_sel)
176 loadsegment(gs, sel);
177 #endif
178 } else {
179 #ifdef CONFIG_X86_64
180 if (p->thread.fsindex == modified_sel)
181 p->thread.fsbase = info.base_addr;
183 if (p->thread.gsindex == modified_sel)
184 p->thread.gsbase = info.base_addr;
185 #endif
188 return 0;
191 SYSCALL_DEFINE1(set_thread_area, struct user_desc __user *, u_info)
193 return do_set_thread_area(current, -1, u_info, 1);
198 * Get the current Thread-Local Storage area:
201 static void fill_user_desc(struct user_desc *info, int idx,
202 const struct desc_struct *desc)
205 memset(info, 0, sizeof(*info));
206 info->entry_number = idx;
207 info->base_addr = get_desc_base(desc);
208 info->limit = get_desc_limit(desc);
209 info->seg_32bit = desc->d;
210 info->contents = desc->type >> 2;
211 info->read_exec_only = !(desc->type & 2);
212 info->limit_in_pages = desc->g;
213 info->seg_not_present = !desc->p;
214 info->useable = desc->avl;
215 #ifdef CONFIG_X86_64
216 info->lm = desc->l;
217 #endif
220 int do_get_thread_area(struct task_struct *p, int idx,
221 struct user_desc __user *u_info)
223 struct user_desc info;
224 int index;
226 if (idx == -1 && get_user(idx, &u_info->entry_number))
227 return -EFAULT;
229 if (idx < GDT_ENTRY_TLS_MIN || idx > GDT_ENTRY_TLS_MAX)
230 return -EINVAL;
232 index = idx - GDT_ENTRY_TLS_MIN;
233 index = array_index_nospec(index,
234 GDT_ENTRY_TLS_MAX - GDT_ENTRY_TLS_MIN + 1);
236 fill_user_desc(&info, idx, &p->thread.tls_array[index]);
238 if (copy_to_user(u_info, &info, sizeof(info)))
239 return -EFAULT;
240 return 0;
243 SYSCALL_DEFINE1(get_thread_area, struct user_desc __user *, u_info)
245 return do_get_thread_area(current, -1, u_info);
248 int regset_tls_active(struct task_struct *target,
249 const struct user_regset *regset)
251 struct thread_struct *t = &target->thread;
252 int n = GDT_ENTRY_TLS_ENTRIES;
253 while (n > 0 && desc_empty(&t->tls_array[n - 1]))
254 --n;
255 return n;
258 int regset_tls_get(struct task_struct *target, const struct user_regset *regset,
259 unsigned int pos, unsigned int count,
260 void *kbuf, void __user *ubuf)
262 const struct desc_struct *tls;
264 if (pos >= GDT_ENTRY_TLS_ENTRIES * sizeof(struct user_desc) ||
265 (pos % sizeof(struct user_desc)) != 0 ||
266 (count % sizeof(struct user_desc)) != 0)
267 return -EINVAL;
269 pos /= sizeof(struct user_desc);
270 count /= sizeof(struct user_desc);
272 tls = &target->thread.tls_array[pos];
274 if (kbuf) {
275 struct user_desc *info = kbuf;
276 while (count-- > 0)
277 fill_user_desc(info++, GDT_ENTRY_TLS_MIN + pos++,
278 tls++);
279 } else {
280 struct user_desc __user *u_info = ubuf;
281 while (count-- > 0) {
282 struct user_desc info;
283 fill_user_desc(&info, GDT_ENTRY_TLS_MIN + pos++, tls++);
284 if (__copy_to_user(u_info++, &info, sizeof(info)))
285 return -EFAULT;
289 return 0;
292 int regset_tls_set(struct task_struct *target, const struct user_regset *regset,
293 unsigned int pos, unsigned int count,
294 const void *kbuf, const void __user *ubuf)
296 struct user_desc infobuf[GDT_ENTRY_TLS_ENTRIES];
297 const struct user_desc *info;
298 int i;
300 if (pos >= GDT_ENTRY_TLS_ENTRIES * sizeof(struct user_desc) ||
301 (pos % sizeof(struct user_desc)) != 0 ||
302 (count % sizeof(struct user_desc)) != 0)
303 return -EINVAL;
305 if (kbuf)
306 info = kbuf;
307 else if (__copy_from_user(infobuf, ubuf, count))
308 return -EFAULT;
309 else
310 info = infobuf;
312 for (i = 0; i < count / sizeof(struct user_desc); i++)
313 if (!tls_desc_okay(info + i))
314 return -EINVAL;
316 set_tls_desc(target,
317 GDT_ENTRY_TLS_MIN + (pos / sizeof(struct user_desc)),
318 info, count / sizeof(struct user_desc));
320 return 0;