On 03/12/2019 10:08, Jan Beulich wrote:
> On 29.11.2019 21:01, Igor Druzhinin wrote:
>> --- a/xen/arch/x86/cpu/common.c
>> +++ b/xen/arch/x86/cpu/common.c
>> @@ -54,7 +54,7 @@ static unsigned int forced_caps[NCAPINTS];
>>  
>>  DEFINE_PER_CPU(bool, full_gdt_loaded);
>>  
>> -void __init setup_clear_cpu_cap(unsigned int cap)
>> +void setup_clear_cpu_cap(unsigned int cap)
>>  {
>>      const uint32_t *dfs;
>>      unsigned int i;
>> @@ -83,7 +83,7 @@ void __init setup_clear_cpu_cap(unsigned int cap)
>>      }
>>  }
>>  
>> -void __init setup_force_cpu_cap(unsigned int cap)
>> +void setup_force_cpu_cap(unsigned int cap)
>>  {
>>      if (__test_and_set_bit(cap, forced_caps))
>>              return;
> The two functions are deliberately __init, as any call to them
> post-init is not going to take system-wide effect.

Current example demonstrates the contrary.  Setting X86_BUG_FPU_PTRS at
any point through the runtime of Xen will cause the safe action to start
happening.

Dropping this call on the non-boot CPUs leads to an insecure
configuration which we're perfectly capable of working around, and
therefore isn't an acceptable solution.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

Reply via email to