Re: [RFC PATCH 07/10] x86/fpu: Rellocate fpstate on save_fpregs_to_fpstate

[Dave Hansen]

On 12/3/21 3:39 AM, Jiaxun Yang wrote:
>>>  	if (likely(use_xsave())) {
>>> +		xstate_update_size(fpu);
>>>  		os_xsave(fpu->fpstate);
>>>  		update_avx_timestamp(fpu);
>>>  		return;
>> Have you considered what exactly happens when you hit that WARN_ON_FPU()
>> which otherwise ignores the allocation error?  Have you considered what
>> happens on the os_xsave() that follows it immediately?  How about what
>> happens the next time this task runs after that failure?
> Thank you for the catch.
> This is a few questions that I don't have answer, so it's a RFC.
> 
> I thought it is unlikely to happen as kmalloc has emergency pool.
> But in case it happens, I guess the best way to handle it is just
> send SIGILL to corresponding user process or panic if it's kernel
> fpu use?

We've thought a *LOT* about this exact problem over the past few years.

Intel even added hardware (XFD) to prevent the situation where you land
in the context switch code, fail a memory allocation, and have to
destroy user data in registers.  Without XFD, there are also zero ways
to avoid this happening to apps, *other* than preallocating the memory
in the first place.

I don't think there is *any* viable path forward with this series.