* Borislav Petkov: > On Mon, Apr 12, 2021 at 04:19:29PM +0200, Florian Weimer wrote: >> Maybe we could have done this in 2016 when I reported this for the first >> time. Now it is too late, as more and more software is using >> CPUID-based detection for AVX-512. > > So as I said on another mail today, I don't think a library should rely > solely on CPUID-based detection of features especially if those features > need kernel support too. IOW, it should ask whether the kernel can > handle those too, first.
Yes, that's why we have the XGETBV handshake. I was imprecise. It's CPUID + XGETBV of course. Or even AT_HWCAP2 (for FSGSBASE). > And the CPUID-faulting thing would solve stuff like that because then > the kernel can *actually* get involved into answering something where it > has a say in, too. But why wouldn't we use a syscall or an entry in the auxiliary vector for that? Why fault a potentially performance-critical instruction? Thanks, Florian