While the UMIP (User-Mode Instruction Prevention) is a generic X86 CPU
feature, there is no need to tie X86_UMIP only to Intel and AMD.
So remove that dependency from the Kconfig rules.
Signed-off-by: Tony W Wang-oc <[email protected]>
---
arch/x86/Kconfig | 1 -
1 file changed, 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 5ad3957..ca16b762 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1871,7 +1871,6 @@ config X86_SMAP
config X86_UMIP
def_bool y
- depends on CPU_SUP_INTEL || CPU_SUP_AMD
prompt "User Mode Instruction Prevention" if EXPERT
---help---
User Mode Instruction Prevention (UMIP) is a security feature in
--
2.7.4
On Mon, Mar 09, 2020 at 02:06:30PM +0800, Tony W Wang-oc wrote:
> While the UMIP (User-Mode Instruction Prevention) is a generic X86 CPU
> feature, there is no need to tie X86_UMIP only to Intel and AMD.
It is not generic - it just lost the "INTEL" in its name.
> So remove that dependency from the Kconfig rules.
>
> Signed-off-by: Tony W Wang-oc <[email protected]>
> ---
> arch/x86/Kconfig | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index 5ad3957..ca16b762 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -1871,7 +1871,6 @@ config X86_SMAP
>
> config X86_UMIP
> def_bool y
> - depends on CPU_SUP_INTEL || CPU_SUP_AMD
> prompt "User Mode Instruction Prevention" if EXPERT
> ---help---
> User Mode Instruction Prevention (UMIP) is a security feature in
> --
If you're going to do that, is there even any use for that config option
at all?
AFAICT, it adds ~1K to kernel text so we might just as well remove the
ifdeffery completely. The code ends up built in in 99% of the cases
anyway...
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
On 2020-03-09 13:36, Borislav Petkov wrote:
>
> If you're going to do that, is there even any use for that config option
> at all?
>
> AFAICT, it adds ~1K to kernel text so we might just as well remove the
> ifdeffery completely. The code ends up built in in 99% of the cases
> anyway...
>
Perhaps the super-tiny-embedded kernel guys care? Otherwise it seems
pointless.
In general, once INTEL and AMD is enabled, it is just a matter of time
until other (still existent) vendors add those features, at least for
core features.
-hpa
On 10/03/2020 08:25, H. Peter Anvin wrote:
> On 2020-03-09 13:36, Borislav Petkov wrote:
>>
>> If you're going to do that, is there even any use for that config option
>> at all?
>>
>> AFAICT, it adds ~1K to kernel text so we might just as well remove the
>> ifdeffery completely. The code ends up built in in 99% of the cases
>> anyway...
>>
>
> Perhaps the super-tiny-embedded kernel guys care? Otherwise it seems
> pointless.
Agree, and I think leave this config to some users are meaningful.
Moreover, if remove the X86_UMIP config, a kernel-parameter like
"noumip" may be needed?
Sincerely
TonyWWang-oc
>
> In general, once INTEL and AMD is enabled, it is just a matter of time
> until other (still existent) vendors add those features, at least for
> core features.
>
> -hpa
> .
>
On Tue, Mar 10, 2020 at 03:24:37PM +0800, Tony W Wang-oc wrote:
> Moreover, if remove the X86_UMIP config, a kernel-parameter like
> "noumip" may be needed?
Not the same thing. Also, why would one need it? If one did, one would
need it now too.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
On Mon, Mar 09, 2020 at 05:25:59PM -0700, H. Peter Anvin wrote:
> Perhaps the super-tiny-embedded kernel guys care? Otherwise it seems
> pointless.
Yeah and I haven't heard anything from them in a while. I guess we can
leave it until someone removes it later.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
The following commit has been merged into the x86/cpu branch of tip:
Commit-ID: bdb04a1abbf92c998f1afb5f00a037f2edaec1f7
Gitweb: https://git.kernel.org/tip/bdb04a1abbf92c998f1afb5f00a037f2edaec1f7
Author: Tony W Wang-oc <[email protected]>
AuthorDate: Mon, 09 Mar 2020 14:06:30 +08:00
Committer: Borislav Petkov <[email protected]>
CommitterDate: Tue, 10 Mar 2020 10:10:53 +01:00
x86/Kconfig: Drop vendor dependency for X86_UMIP
Some Centaur family 7 CPUs and Zhaoxin family 7 CPUs support the UMIP
feature too. The text size growth which UMIP adds is ~1K and distro
kernels enable it anyway so remove the vendor dependency.
[ bp: Rewrite commit message. ]
Signed-off-by: Tony W Wang-oc <[email protected]>
Signed-off-by: Borislav Petkov <[email protected]>
Link: https://lkml.kernel.org/r/[email protected]
---
arch/x86/Kconfig | 1 -
1 file changed, 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index beea770..cb3633d 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1875,7 +1875,6 @@ config X86_SMAP
config X86_UMIP
def_bool y
- depends on CPU_SUP_INTEL || CPU_SUP_AMD
prompt "User Mode Instruction Prevention" if EXPERT
---help---
User Mode Instruction Prevention (UMIP) is a security feature in
On 10/03/2020 17:09, Borislav Petkov wrote:
> On Tue, Mar 10, 2020 at 03:24:37PM +0800, Tony W Wang-oc wrote:
>> Moreover, if remove the X86_UMIP config, a kernel-parameter like
>> "noumip" may be needed?
>
> Not the same thing. Also, why would one need it? If one did, one would
> need it now too.
>
Yes, you are right, thank you point this. Let us focus on X86_UMIP config.
Sincerely
TonyWWang-oc