Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752272AbbEGRlk (ORCPT ); Thu, 7 May 2015 13:41:40 -0400 Received: from mga11.intel.com ([192.55.52.93]:61918 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752208AbbEGRlc (ORCPT ); Thu, 7 May 2015 13:41:32 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.13,384,1427785200"; d="scan'208";a="691508811" Subject: [PATCH 11/12] x86, pkeys: actually enable Memory Protection Keys in CPU To: dave@sr71.net Cc: linux-kernel@vger.kernel.org, x86@kernel.org From: Dave Hansen Date: Thu, 07 May 2015 10:41:36 -0700 References: <20150507174132.34AF8FAF@viggo.jf.intel.com> In-Reply-To: <20150507174132.34AF8FAF@viggo.jf.intel.com> Message-Id: <20150507174136.B5071E54@viggo.jf.intel.com> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2798 Lines: 84 This sets the bit in 'cr4' to actually enable the protection keys feature. We also include a boot-time disable for the feature "nopku". Seting X86_CR4_PKE will cause the X86_FEATURE_OSPKE cpuid bit to appear set. At this point in boot, identify_cpu() has already run the actual CPUID instructions and populated the "cpu features" structures. We need to go back and re-run identify_cpu() to make sure it gets updated values. We *could* simply re-populate the 11th word of the cpuid data, but this is probably quick enough. --- b/Documentation/kernel-parameters.txt | 3 +++ b/arch/x86/kernel/cpu/common.c | 27 +++++++++++++++++++++++++++ 2 files changed, 30 insertions(+) diff -puN arch/x86/kernel/cpu/common.c~pkeys-5-should-be-last-patch arch/x86/kernel/cpu/common.c --- a/arch/x86/kernel/cpu/common.c~pkeys-5-should-be-last-patch 2015-05-07 10:31:44.946347938 -0700 +++ b/arch/x86/kernel/cpu/common.c 2015-05-07 10:31:44.952348209 -0700 @@ -306,6 +306,32 @@ static __always_inline void setup_smap(s } } +#ifdef CONFIG_X86_64 +/* + * Protection Keys are not available in 32-bit mode. + */ +static __always_inline void setup_pku(struct cpuinfo_x86 *c) +{ + if (!cpu_has(c, X86_FEATURE_PKU)) + return; + + cr4_set_bits(X86_CR4_PKE); + /* + * Seting X86_CR4_PKE will cause the X86_FEATURE_OSPKE + * cpuid bit to be set. We need to ensure that we + * update that bit in this CPU's "cpu_info". + */ + get_cpu_cap(&boot_cpu_data); +} + +static __init int setup_disable_pku(char *arg) +{ + setup_clear_cpu_cap(X86_FEATURE_PKU); + return 1; +} +__setup("nopku", setup_disable_pku); +#endif /* CONFIG_X86_64 */ + /* * Some CPU features depend on higher CPUID levels, which may not always * be available due to CPUID level capping or broken virtualization @@ -957,6 +983,7 @@ static void identify_cpu(struct cpuinfo_ } #ifdef CONFIG_X86_64 + setup_pku(c); detect_ht(c); #endif diff -puN Documentation/kernel-parameters.txt~pkeys-5-should-be-last-patch Documentation/kernel-parameters.txt --- a/Documentation/kernel-parameters.txt~pkeys-5-should-be-last-patch 2015-05-07 10:31:44.948348028 -0700 +++ b/Documentation/kernel-parameters.txt 2015-05-07 10:31:44.953348254 -0700 @@ -936,6 +936,9 @@ bytes respectively. Such letter suffixes Enable debug messages at boot time. See Documentation/dynamic-debug-howto.txt for details. + nopku [X86] Disable Memory Protection Keys CPU feature found + in some Intel CPUs. + eagerfpu= [X86] on enable eager fpu restore off disable eager fpu restore _ -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/