Re: [PATCH v12 0/4] x86: Capability bits fix and required bits sanity check

Next message: Edgecombe, Rick P: "Re: [PATCH v2 03/31] x86/virt/tdx: Add tdx_page_array helpers for new TDX Module objects"
Previous message: Ville Syrj&#xE4;l&#xE4;: "Re: [PATCH v11 03/22] drm: Add new general DRM property &quot;color format&quot;"
In reply to: Maciej Wieczor-Retman: "Re: [PATCH v12 0/4] x86: Capability bits fix and required bits sanity check"
Next in thread: Borislav Petkov: "Re: [PATCH v12 0/4] x86: Capability bits fix and required bits sanity check"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: H. Peter Anvin

Date: Mon Mar 30 2026 - 19:57:15 EST

On 2026-03-29 23:11, Andi Kleen wrote:
>
> I'm not sure what the point of this check is. Obviously the kernel cannot
> handle it, short of refusing to boot which would be far too drastic.
>
> And if it's just for having something in the kernel log, who would look
> for this? Any possible symptoms from a bogus cpuid will be far
> disconnected from that particular log location.
>
> Further, there's also no evidence that it is a real practical problem.
> If anything it could likely only come from rogue VMMs, but these don't
> seem to be common. But VMMs normally don't really disable ISA, so even if the
> CPUID is inconsistent things will still likely work because the actual
> instructions are fine.
>

That's the main case; "it seems to work but if it breaks you get to keep both
pieces" -- i.e. the EXACT meaning of TAINT_CPU_OUT_OF_SPEC.

See my other posts on this thread.

> Assuming it was a real problem, you could just do it in a user program, why
> put it into the kernel and waste everyone's memory? (this cannot be
> initcode due to hotplug)
>
> Also it seems to violate Steinbach's system programing maxim
> (never check for something you don't know how to handle)

You *do* realize that is sarcasm, right?

-hpa