>> I think you can go a step further and exclude PKRU state from >> copy_kernel_to_fpregs altogether; you just use RDPKRU/WRPKRU. This also >> means you don't need to call __fpregs_* functions in write_pkru. > > something like this then? It looks like kvm excludes PKRU from > xsave/xrestore, too. This wouldn't be required then Yes, that's why the subject caught my eye! In fact, the reason for KVM to do so is either the opposite as your patch (it wants to call WRPKRU _after_ XRSTOR, not before) or the same (it wants to keep the userspace PKRU loaded for as long as possible), depending on how you look at it. > . This is (again) > untested since I have no box with this PKRU feature. This only available > on Intel's Xeon Scalable, right? It is available on QEMU too (the slower JIT thing without KVM, i.e. use /usr/bin/qemu-system-x86_64 instead of /usr/bin/qemu-kvm or /usr/bin/kvm). > - if (preload) > - __fpregs_load_activate(new_fpu, cpu); > + if (!preload) > + return; > + > + __fpregs_load_activate(new_fpu, cpu); > + > +#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS > + /* Protection keys need to be in place right at context switch time. */ > + if (boot_cpu_has(X86_FEATURE_OSPKE)) { > + if (new_fpu->pkru != __read_pkru()) > + __write_pkru(new_fpu->pkru); > + } > +#endif I think this would be before the "if (preload)"? > > if (boot_cpu_has(X86_FEATURE_OSPKE)) > - copy_init_pkru_to_fpregs(); > + pkru_set_init_value(); > } > Likewise, move this to fpu__clear and outside "if (static_cpu_has(X86_FEATURE_FPU))"? Also, a __read_pkru() seems to be missing in switch_fpu_prepare. Thanks, Paolo