Re: [PATCH] x86/cpu/centaur: Disable X86_FEATURE_FSGSBASE on Zhaoxin C4600

From: David Laight

Date: Sun Mar 01 2026 - 13:38:03 EST


On Sun, 1 Mar 2026 09:27:29 +0000
Yao Zi <me@xxxxxxxx> wrote:

> On Sat, Feb 28, 2026 at 08:06:15PM +0100, Borislav Petkov wrote:
> > On Sat, Feb 28, 2026 at 05:37:04PM +0000, Yao Zi wrote:
> > > Zhaoxin C4600, which names itself as CentaurHauls, claims
> > > X86_FEATURE_FSGSBASE support in CPUID, while execution of fsgsbase-
> > > related instructions fails with #UD exception. This will cause kernel
> > > to crash early in current_save_fsgs().
> > >
> > > Let's disable the feature on this problematic CPU and warn the user
> > > about the quirk. x86_model_id is used to match the platform to avoid
> > > unexpectedly breaking other CentaurHauls cores with conflicting
> > > family/model ID.
> >
> > Please use passive voice in your commit message: no "we" or "I", etc,
> > and describe your changes in imperative mood.
> >
> > Also, pls read section "2) Describe your changes" in
> > Documentation/process/submitting-patches.rst for more details.
> >
> > Also, see section "Changelog" in
> > Documentation/process/maintainer-tip.rst
>
> Okay.
>
> > > Cc: stable@xxxxxxxxxxxxxxx
> > > Signed-off-by: Yao Zi <me@xxxxxxxx>
> > > ---
> > > arch/x86/kernel/cpu/centaur.c | 25 +++++++++++++++++++++++++
> > > 1 file changed, 25 insertions(+)
> > >
> > > diff --git a/arch/x86/kernel/cpu/centaur.c b/arch/x86/kernel/cpu/centaur.c
> > > index 81695da9c524..3773784ba6a9 100644
> > > --- a/arch/x86/kernel/cpu/centaur.c
> > > +++ b/arch/x86/kernel/cpu/centaur.c
> > > @@ -108,6 +108,29 @@ static void early_init_centaur(struct cpuinfo_x86 *c)
> > > }
> > > }
> > >
> > > +/*
> > > + * Zhaoxin C4600 (family 6, model 15) names itself as CentaurHauls, it claims
> > > + * X86_FEATURE_FSGSBASE support in CPUID, while executing any fsgsbase-related
> > > + * instructions on it results in #UD.
> > > + */
> > > +static void fixup_zhaoxin_fsgsbase(struct cpuinfo_x86 *c)
> >
> > s/fixup/disable/
>
> Okay.
>
> > > +{
> > > + const char *name, *model_names[] = {
> > > + "C-QuadCore C4600"
> > > + };
> >
> > Why is this an array with a single string in it?
> >
> > > + int i;
> > > +
> > > + for (i = 0; i < ARRAY_SIZE(model_names); i++) {
> >
> > So that you can loop once with it?
> >
> > Silly.
>
> Though I don't have the conditions to confirm it, it's likely other CPUs
> in the same generation of designs from Zhaoxin have similar issues:
> their specifications[1] are mostly identical except the core frequency,
> thus they're likely the same die. So I leave a loop here to ease later
> additions if necessary. Sorry not to make it clear.
>
> This may be a little far-sighted. Dave suggests declaring an x86_cpu_id
> array and switching to x86_cpu_match(), do you think it's acceptable? Or
> should I focus only on the known problematic model and use a simple
> if to match Zhaoxin C4600 for now?

Is it possible to try executing one of the instructions and see if it traps?
That saves having to maintain a list of broken CPUs.

David

>
> > > + name = model_names[i];
> > > +
> > > + if (!strncmp(c->x86_model_id, name, strlen(name))) {
> > > + pr_warn_once("CPU has broken FSGSBASE support\n");
> > > + setup_clear_cpu_cap(X86_FEATURE_FSGSBASE);
> > > + return;
> > > + }
> > > + }
> > > +}
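
Review bot: the strncmp(c->x86_model_id, name, strlen(name)) test in the loop is the only match performed, and it is a prefix comparison on the brand string, while the family 6 / model 15 named in the comment above the function is never checked. Consider testing c->x86 and c->x86_model first and using the brand string only to narrow that match, and note in the comment that the prefix comparison is deliberate if it is. The pr_warn_once() text could also say that FSGSBASE is being disabled, not only that it is broken.
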
> >
> > --
> > Regards/Gruss,
> > Boris.
> >
> > https://people.kernel.org/tglx/notes-about-netiquette
>
> Regards,
> Yao Zi
>
> [1]: https://www.zhaoxin.com/qt.aspx?nid=3&typeid=90
>
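
The "execute it and see if it traps" idea from the reply above, shown from user space as an added example (not code from this thread or from the kernel). It assumes Linux on x86-64 with GCC or Clang, and the function names are hypothetical. A trap seen here cannot tell a CPU that lacks the instruction from a kernel that left CR4.FSGSBASE clear, so the result is compared with what CPUID and the kernel advertise.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#if !defined(__x86_64__) || !defined(__linux__)	/* stubs so other targets still build */
int cpuid_claims_fsgsbase(void) { return 0; }
int kernel_enabled_fsgsbase(void) { return 0; }
int rdfsbase_executes(void) { return -1; }
#else
#include <cpuid.h>
#include <sys/auxv.h>
static sigjmp_buf probe_env;
static void on_sigill(int sig) { (void)sig; siglongjmp(probe_env, 1); }

/* CPUID.(EAX=7,ECX=0):EBX bit 0 enumerates FSGSBASE. */
int cpuid_claims_fsgsbase(void)
{
	unsigned int a, b, c, d;
	return __get_cpuid_count(7, 0, &a, &b, &c, &d) ? (int)(b & 1) : 0;
}

/* Linux sets AT_HWCAP2 bit 1 (HWCAP2_FSGSBASE) when it enables the instructions. */
int kernel_enabled_fsgsbase(void) { return (getauxval(AT_HWCAP2) & 2UL) != 0; }

/* 1: RDFSBASE ran; 0: it raised SIGILL (#UD); -1: not probed. */
int rdfsbase_executes(void)
{
	struct sigaction sa = { .sa_handler = on_sigill }, old;
	unsigned long base;

	sigemptyset(&sa.sa_mask);
	if (sigaction(SIGILL, &sa, &old))
		return -1;
	if (sigsetjmp(probe_env, 1)) {		/* re-entered from on_sigill() */
		sigaction(SIGILL, &old, NULL);
		return 0;
	}
	__asm__ volatile("rdfsbase %0" : "=r"(base));
	(void)base;
	sigaction(SIGILL, &old, NULL);
	return 1;
}
#endif

int main(void)
{
	printf("cpuid=%d kernel=%d executes=%d\n", cpuid_claims_fsgsbase(),
	       kernel_enabled_fsgsbase(), rdfsbase_executes());
	return 0;
}
```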