Re: [PATCH v28 04/32] x86/cpufeatures: Introduce CPU setup and option parsing for CET

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 8/9/2021 9:06 AM, Borislav Petkov wrote:
On Thu, Jul 22, 2021 at 01:51:51PM -0700, Yu-cheng Yu wrote:
  /*
   * Some CPU features depend on higher CPUID levels, which may not always
   * be available due to CPUID level capping or broken virtualization
@@ -1249,6 +1257,11 @@ static void __init cpu_parse_early_param(void)
  	if (cmdline_find_option_bool(boot_command_line, "noxsaves"))
  		setup_clear_cpu_cap(X86_FEATURE_XSAVES);
+ if (cmdline_find_option_bool(boot_command_line, "no_user_shstk"))
+		setup_clear_cpu_cap(X86_FEATURE_SHSTK);
+	if (cmdline_find_option_bool(boot_command_line, "no_user_ibt"))
+		setup_clear_cpu_cap(X86_FEATURE_IBT);

Patch 1 says:

"Disabling shadow stack also disables IBT."

I don't see that here.


We have X86_FEATURE_IBT dependent on X86_FEATURE_SHSTK (patch #3).



[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]

  Powered by Linux