Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752272AbbEGRlk (ORCPT <rfc822;w@1wt.eu>);
	Thu, 7 May 2015 13:41:40 -0400
Received: from mga11.intel.com ([192.55.52.93]:61918 "EHLO mga11.intel.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1752208AbbEGRlc (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Thu, 7 May 2015 13:41:32 -0400
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.13,384,1427785200"; 
   d="scan'208";a="691508811"
Subject: [PATCH 11/12] x86, pkeys: actually enable Memory Protection Keys in CPU
To: dave@sr71.net
Cc: linux-kernel@vger.kernel.org, x86@kernel.org
From: Dave Hansen <dave@sr71.net>
Date: Thu, 07 May 2015 10:41:36 -0700
References: <20150507174132.34AF8FAF@viggo.jf.intel.com>
In-Reply-To: <20150507174132.34AF8FAF@viggo.jf.intel.com>
Message-Id: <20150507174136.B5071E54@viggo.jf.intel.com>
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2798
Lines: 84


This sets the bit in 'cr4' to actually enable the protection
keys feature.  We also include a boot-time disable for the
feature "nopku".

Seting X86_CR4_PKE will cause the X86_FEATURE_OSPKE cpuid
bit to appear set.  At this point in boot, identify_cpu()
has already run the actual CPUID instructions and populated
the "cpu features" structures.  We need to go back and
re-run identify_cpu() to make sure it gets updated values.

We *could* simply re-populate the 11th word of the cpuid
data, but this is probably quick enough.


---

 b/Documentation/kernel-parameters.txt |    3 +++
 b/arch/x86/kernel/cpu/common.c        |   27 +++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)

diff -puN arch/x86/kernel/cpu/common.c~pkeys-5-should-be-last-patch arch/x86/kernel/cpu/common.c
--- a/arch/x86/kernel/cpu/common.c~pkeys-5-should-be-last-patch	2015-05-07 10:31:44.946347938 -0700
+++ b/arch/x86/kernel/cpu/common.c	2015-05-07 10:31:44.952348209 -0700
@@ -306,6 +306,32 @@ static __always_inline void setup_smap(s
 	}
 }
 
+#ifdef CONFIG_X86_64
+/*
+ * Protection Keys are not available in 32-bit mode.
+ */
+static __always_inline void setup_pku(struct cpuinfo_x86 *c)
+{
+	if (!cpu_has(c, X86_FEATURE_PKU))
+		return;
+
+	cr4_set_bits(X86_CR4_PKE);
+	/*
+	 * Seting X86_CR4_PKE will cause the X86_FEATURE_OSPKE
+	 * cpuid bit to be set.  We need to ensure that we
+	 * update that bit in this CPU's "cpu_info".
+	 */
+	get_cpu_cap(&boot_cpu_data);
+}
+
+static __init int setup_disable_pku(char *arg)
+{
+	setup_clear_cpu_cap(X86_FEATURE_PKU);
+	return 1;
+}
+__setup("nopku", setup_disable_pku);
+#endif /* CONFIG_X86_64 */
+
 /*
  * Some CPU features depend on higher CPUID levels, which may not always
  * be available due to CPUID level capping or broken virtualization
@@ -957,6 +983,7 @@ static void identify_cpu(struct cpuinfo_
 	}
 
 #ifdef CONFIG_X86_64
+	setup_pku(c);
 	detect_ht(c);
 #endif
 
diff -puN Documentation/kernel-parameters.txt~pkeys-5-should-be-last-patch Documentation/kernel-parameters.txt
--- a/Documentation/kernel-parameters.txt~pkeys-5-should-be-last-patch	2015-05-07 10:31:44.948348028 -0700
+++ b/Documentation/kernel-parameters.txt	2015-05-07 10:31:44.953348254 -0700
@@ -936,6 +936,9 @@ bytes respectively. Such letter suffixes
 			Enable debug messages at boot time.  See
 			Documentation/dynamic-debug-howto.txt for details.
 
+	nopku		[X86] Disable Memory Protection Keys CPU feature found
+			in some Intel CPUs.
+
 	eagerfpu=	[X86]
 			on	enable eager fpu restore
 			off	disable eager fpu restore
_
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/