Re: [PATCH] x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS if forced to zero

From: Juergen Gross
Date: Wed Apr 26 2017 - 14:24:31 EST


On 26/04/17 08:35, Borislav Petkov wrote:
> On Wed, Apr 26, 2017 at 06:45:42AM +0200, Juergen Gross wrote:
>> The really clean solution would be to add this test to set_cpu_bug()
>
> No, the really clean solution is to set it once and not play toggle
> games.
>
>> This would work. OTOH I'd prefer to test whether the bit should be
>> forced to remain zero than use the knowledge _who_ is trying to force
>> it.
>
> Because we're in the business of investigating who did?
>
> Nah, we should set it or clear it once and not do funky toggle games.
> Especially if in the future something else changes and timing windows
> grow and we refactor stuff and yadda yadda...

So what else is my patch doing? It is avoiding to set the bit in case
somebody (i.e. Xen) was forcing it to remain zero.

I'm not feeling strong about it. So if you want to test for
X86_FEATURE_XENPV to avoid setting X86_BUG_SYSRET_SS_ATTRS I'm fine
with it.

Will send V2 with that change.


Juergen