The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=153643a5bc8ac3b1d47fc8e4de18d8c8a59817da
commit 153643a5bc8ac3b1d47fc8e4de18d8c8a59817da Author: Konstantin Belousov <[email protected]> AuthorDate: 2023-01-27 10:45:02 +0000 Commit: Konstantin Belousov <[email protected]> CommitDate: 2023-01-27 17:44:49 +0000 amd64: do not enable PKRU if user disabled saving PKRU register in xsave mask This is done by reverting CR4_PKE bit, because we perform %CR4 initialization in initializecpu(), and the function is called before xsave_mask is read. To not redo the whole early initialization sequence for the corner case, this should be good enough. Reported by: jhb Reviewed by: jhb, markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D38219 --- sys/amd64/amd64/fpu.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/sys/amd64/amd64/fpu.c b/sys/amd64/amd64/fpu.c index e9b058f175b0..64974a7210a9 100644 --- a/sys/amd64/amd64/fpu.c +++ b/sys/amd64/amd64/fpu.c @@ -372,6 +372,7 @@ void fpuinit(void) { register_t saveintr; + uint64_t cr4; u_int mxcsr; u_short control; @@ -379,7 +380,22 @@ fpuinit(void) fpuinit_bsp1(); if (use_xsave) { - load_cr4(rcr4() | CR4_XSAVE); + cr4 = rcr4(); + + /* + * Revert enablement of PKRU if user disabled its + * saving on context switches by clearing the bit in + * the xsave mask. Also redundantly clear the bit in + * cpu_stdext_feature2 to prevent pmap from ever + * trying to set the page table bits. + */ + if ((cpu_stdext_feature2 & CPUID_STDEXT2_PKU) != 0 && + (xsave_mask & XFEATURE_ENABLED_PKRU) == 0) { + cr4 &= ~CR4_PKE; + cpu_stdext_feature2 &= ~CPUID_STDEXT2_PKU; + } + + load_cr4(cr4 | CR4_XSAVE); load_xcr(XCR0, xsave_mask); }
