Re: UMIP and clearcpuid=

From: Ronan Pigott

Date: Wed Jun 10 2026 - 16:44:20 EST


Hi Boris,

June 10, 2026 at 1:00 PM, "Borislav Petkov" <bp@xxxxxxxxx> wrote:

> The reason for wanting to disable it being?

My use case is playing Windows video games via Wine. For whatever reason,
they like to use these instructions:

$ journalctl -b -g umip -o cat --since=-5m
umip_printk: 117 callbacks suppressed
umip: StreetFighter6.[3837] ip:15f523f4d sp:524fecb0: SGDT instruction cannot be used by applications.
umip: StreetFighter6.[3837] ip:15f523f4d sp:524fecb0: For now, expensive software emulation returns the result.
umip: StreetFighter6.[3837] ip:15f523f4d sp:524fec20: SGDT instruction cannot be used by applications.
umip: StreetFighter6.[3837] ip:15f523f4d sp:524fec20: For now, expensive software emulation returns the result.
umip: StreetFighter6.[3837] ip:15f523f4d sp:524fecb0: SGDT instruction cannot be used by applications.

I don't think I benefit from the UMIP protection or the emulation, so I'd
rather just disable it. clearcpuid still works, but results in a tainted
kernel etc:

kernel: clearcpuid: force-disabling CPU feature flag: umip
kernel: !!! setcpuid=/clearcpuid= in use, this is for TESTING ONLY, may break things horribly. Tainting kernel.

so I think a umip=no flag as originally proposed could be preferable. Would
that be acceptable?

Cheers,

Ronan