Re: [PATCH v2 1/6] x86/cpu: Allow feature bit names from /proc/cpuinfo in clearcpuid=

From: Kees Cook
Date: Mon Feb 07 2022 - 17:04:10 EST

Next message: Rob Herring: "Re: [PATCH v2 1/3] dt-bindings: arm: samsung: document chagallwifi board binding"
Previous message: Sean Christopherson: "Re: [PATCH v3 04/10] x86/sev: Cache AP Jump Table Address"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 27, 2022 at 12:56:21PM +0100, Borislav Petkov wrote:
> From: Borislav Petkov <bp@xxxxxxx>
>
> Having to give the X86_FEATURE array indices in order to disable a
> feature bit for testing is not really user-friendly. So accept the
> feature bit names too.
>
> Some feature bits don't have names so there the array indices are still
> accepted, of course.
>
> Clearing CPUID flags is not something which should be done in production
> so taint the kernel too.
>
> An exemplary cmdline would then be something like:
>
> clearcpuid=de,440,smca,succory,bmi1,3dnow
>
> ("succory" is wrong on purpose). And it says:
>
> [ 0.000000] Clearing CPUID bits: de 13:24 smca bmi1 3dnow
>
> Signed-off-by: Borislav Petkov <bp@xxxxxxx>

I like the taint flag addition!

Even though it reports what it does actually clear, do you think it
might be more "friendly" to yell about unknown stuff too? i.e.:

[ 0.000000] Clearing CPUID bits: unknown bit 'succory'
[ 0.000000] Clearing CPUID bits: de 13:24 smca bmi1 3dnow

Either way:

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

--
Kees Cook

Next message: Rob Herring: "Re: [PATCH v2 1/3] dt-bindings: arm: samsung: document chagallwifi board binding"
Previous message: Sean Christopherson: "Re: [PATCH v3 04/10] x86/sev: Cache AP Jump Table Address"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]