Re: [PATCH v2 04/39] x86/cpufeatures: Enable CET CR4 bit for shadow stack
From: Borislav Petkov
Date: Fri Oct 14 2022 - 13:13:01 EST
On Thu, Sep 29, 2022 at 03:29:01PM -0700, Rick Edgecombe wrote:
> static __always_inline void setup_cet(struct cpuinfo_x86 *c)
> {
> - u64 msr = CET_ENDBR_EN;
> + bool kernel_ibt = HAS_KERNEL_IBT && cpu_feature_enabled(X86_FEATURE_IBT);
So I'd love it if we can get rid of that HAS_KERNEL_IBT thing and use
the usual ifdeffery with Kconfig symbols. I wouldn't like for yet
another HAS_XXX feature checking method to proliferate as this is the
only one:
$ git grep -E "\WHAS_" arch/x86/
arch/x86/include/asm/ibt.h:18: * When all the above are satisfied, HAS_KERNEL_IBT will be 1, otherwise 0.
arch/x86/include/asm/ibt.h:22:#define HAS_KERNEL_IBT 1
arch/x86/include/asm/ibt.h:92:#define HAS_KERNEL_IBT 0
arch/x86/include/asm/ibt.h:114:#define ENDBR_INSN_SIZE (4*HAS_KERNEL_IBT)
arch/x86/include/asm/idtentry.h:8:#define IDT_ALIGN (8 * (1 + HAS_KERNEL_IBT))
arch/x86/kernel/cpu/common.c:601: bool kernel_ibt = HAS_KERNEL_IBT && cpu_feature_enabled(X86_FEATURE_IBT);
arch/x86/kernel/cpu/common.c:1942: if (HAS_KERNEL_IBT && cpu_feature_enabled(X86_FEATURE_IBT))
> __noendbr void cet_disable(void)
> {
> - if (cpu_feature_enabled(X86_FEATURE_IBT))
> - wrmsrl(MSR_IA32_S_CET, 0);
> + if (!(cpu_feature_enabled(X86_FEATURE_IBT) ||
> + cpu_feature_enabled(X86_FEATURE_SHSTK)))
> + return;
> +
> + wrmsrl(MSR_IA32_S_CET, 0);
> + wrmsrl(MSR_IA32_U_CET, 0);
> }
>
> +
Stray newline.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette