Re: [PATCH] x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes

[Jacob Keller]

On 2/27/2020 10:01 AM, Borislav Petkov wrote:
> On Wed, Feb 26, 2020 at 04:16:13PM -0800, Jacob Keller wrote:
>> I tested this and it resolves my report! Thanks for a timely fix.
> 
> Adding your Tested-by.
> 

Yep, thanks.

>> I agree with the analysis. Perhaps it would make sense in the long term
>> to find a solution where get_cpu_cap can remember what was cleared for
>> each CPU and restore those? It already does this using the global
>> variables...
> 
> get_cpu_cap() remembers if you use setup_force_cpu_cap() but I agree
> that that whole feature bit handling is a bit, hm, "strange". It had its
> raisins.

Right. Nothing quite equivalent to that for per-CPU changes though.

> 
> FWIW, we had started cleaning those up but then the security nightmares
> happened so on the backburner it went...
> 
> Thx.
> 

Completely understandable. Especially since changes here are tricky to
get right, this being a case in point.

Thanks,
Jake