Received: by 2002:a25:ef43:0:0:0:0:0 with SMTP id w3csp631159ybm;
        Wed, 27 May 2020 04:19:36 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzG28xL/qKizlVsLeArTV3XCr6EcSbZKRW+JgCxwgyUR6MxfWsFyQa4ChueTaFbjpORdWCl
X-Received: by 2002:aa7:cc84:: with SMTP id p4mr23634517edt.216.1590578376008;
        Wed, 27 May 2020 04:19:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1590578375; cv=none;
        d=google.com; s=arc-20160816;
        b=z8zChm5jl6yLRlbpXUtJfxq8dOnTcD8Pva7jjuxAF66xq323tjG59f2XvlCPfvA2rP
         I+rGdORRKgjqflW7Vfsx7b3RBBpuDZbY9K+5FQ0g4VCL0mWkiDpMQbgAZdN1Q4UezMhG
         pb7mSuARMrwmMqyrKieNAcDibyU+Ue9f2kY99YKCejrLRtUIrJ7bQZmFa3fILhX76lyG
         LBK9Zuho5OEeGA76GOqgY/50/56Jc3NghkV2dvM+YWv4c1KObvMeIFyo3lPdJJDTRdsH
         AWzb3uclzFfaYrDKLYNAs4ZDR1TqisSdfnu2zqWSd+qze8QFGbebpHSfkDYfgpug81dO
         A/Bg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:organization:references:in-reply-to:date:cc:to:from
         :subject:message-id:ironport-sdr:ironport-sdr;
        bh=1ISnDm9piqR40owE4LRPwbHVlcRQi1YYLylHxfYu8ps=;
        b=NNSkY4mhzr2cG21HK95X5o5oXm3iVXYwodmFgDxUc+xloD99W8HPpXC1TvVgqqvrQ/
         zCGTIlU5+4ZFLagvQ3Tj8SperqoSN+6MWG6XhIfZwOlchVUr7ZRAT3eMz7xUH7s0ujk+
         22VCC0rO/Hfq4z7vcQTxLJULPmtiN/CQxuZLvvGhkIXV2GmUe+i2KTI3DO55TXS77NlN
         FMjeyEa67pz3/xwzN2ZCUP50L217DpzCwwUf8VCObsLRA57rPpMttvzaAZv7WlNRoW5m
         81wFvnZH89Fh2UY8LKQdQNh4KJhlJAYS7CpfzwdAzaKuJiy5dToqxzNhzAzPYUgfeT8L
         YxAw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id bd6si1381958edb.305.2020.05.27.04.19.13;
        Wed, 27 May 2020 04:19:35 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729442AbgE0Ibd (ORCPT <rfc822;epopevad@gmail.com> + 99 others);
        Wed, 27 May 2020 04:31:33 -0400
Received: from mga03.intel.com ([134.134.136.65]:64869 "EHLO mga03.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1725949AbgE0Ibd (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 27 May 2020 04:31:33 -0400
IronPort-SDR: 6Uwn63Q+F6VC27jI+cgsZwvhh8sL+raHdDWcxnBrw3sNwD52yoUWOg5gMIn8My9suQzQz3F46O
 Bsx/UrrgpkkQ==
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga002.jf.intel.com ([10.7.209.21])
  by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 May 2020 01:31:32 -0700
IronPort-SDR: 9q7bc2meWnX5N+ybF+NHmK3eYUgfL4FBOl7EKJx1NEUxeJPKQZIJC9hCvXI5EI3ukRcTy3RVdA
 O4Ats3aINUEA==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.73,440,1583222400"; 
   d="scan'208";a="284729574"
Received: from rharrie2-mobl.ger.corp.intel.com ([10.252.56.247])
  by orsmga002.jf.intel.com with ESMTP; 27 May 2020 01:31:29 -0700
Message-ID: <331d5ea30b9d290aa451ec2e8389415823b909d8.camel@linux.intel.com>
Subject: Re: Re: [PATCH v12 00/18] Enable FSGSBASE instructions
From:   Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To:     hpa@zytor.com, Thomas Gleixner <tglx@linutronix.de>,
        Don Porter <porter@cs.unc.edu>
Cc:     Andi Kleen <ak@linux.intel.com>, Sasha Levin <sashal@kernel.org>,
        linux-kernel@vger.kernel.org, bp@alien8.de, luto@kernel.org,
        dave.hansen@intel.com, tony.luck@intel.com,
        ravi.v.shankar@intel.com, chang.seok.bae@intel.com
Date:   Wed, 27 May 2020 11:31:28 +0300
In-Reply-To: <A9483B8B-C0DD-46CB-AD5D-D12EC61BB331@zytor.com>
References: <20200511045311.4785-1-sashal@kernel.org>
         <0186c22a8a6be1516df0703c421faaa581041774.camel@linux.intel.com>
         <20200515164013.GF29995@sasha-vm>
         <c566b89cc3ef6c164160cc56a820abac3fd70839.camel@linux.intel.com>
         <20200518153407.GA499505@tassilo.jf.intel.com>
         <371e6a92cad25cbe7a8489785efa7d3457ecef3b.camel@linux.intel.com>
         <87v9ksvoaq.fsf@nanos.tec.linutronix.de>
         <20200519164853.GA19706@linux.intel.com>
         <7eb45e02-03bf-0af0-c915-794bf49d66d7@cs.unc.edu>
         <87h7w7qy18.fsf@nanos.tec.linutronix.de>
         <A9483B8B-C0DD-46CB-AD5D-D12EC61BB331@zytor.com>
Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.36.2-0ubuntu1 
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, 2020-05-24 at 12:45 -0700, hpa@zytor.com wrote:
> On a related topic (needless to say, this should never have happened
> and is being raised at the highest levels inside Intel):
> 
> There are legitimate reasons to write a root-hole module, the main one
> being able to test security features like SMAP. I have requested
> before a TAINT flag specifically for this purpose, because
> TAINT_CRAP is nowhere near explicit enough, and is also used for
> staging drivers. Call it TAINT_TOXIC or TAINT_ROOTHOLE; it should
> always be accompanied with a CRIT level alert.

Are these flags easy to bump into in the first place for a person with
no prior familarity with the kernel?

/Jarkko