Re: [PATCH v2] x86/mce: Include the PPIN in machine check records when it is available

[Henrique de Moraes Holschuh]

On Wed, 23 Nov 2016, Borislav Petkov wrote:
> +		/* if PPIN is disabled, but not locked, try to enable: */
> +		if (!(val & 3ul)) {
> +			wrmsrl_safe(MSR_PPIN_CTL,  val | 2ul);
> +			rdmsrl_safe(MSR_PPIN_CTL, &val);
> +		}

Actually, since this thing is supposed to be opt-in [through UEFI
config] for a good reason (privacy), IMHO it would make more sense to:

1. Assuming we can do it, always lock it when it is found to be unlocked
   at kernel boot.

2. Not attempt to change its state from disabled to enabled *unless*
   given a command line parameter authorizing it.  A kconfig-based
   solution for default+command line override would also work well IMHO,
   if it makes more sense.

This would keep the feature opt-in as it is supposed to be, while making
it "safer" on firmware that leaves it unlocked after boot, and would
still allow owners of systems that leave it unlocked to change its
state at boot.  Everyone ends up happy...

-- 
  Henrique Holschuh