Re: [PATCH v6 6/6] drivers/node: Show in sysfs node's crypto capabilities

From: Borislav Petkov
Date: Mon Feb 07 2022 - 05:12:13 EST

Next message: Greg KH: "Re: [PATCH] x86/mm, mm/hwpoison: fix unmap kernel 1:1 pages"
Previous message: Dan Carpenter: "Re: [PATCH] staging: pi433: remove need to recompile code to debug fifo content"
In reply to: Kees Cook: "Re: [PATCH v6 6/6] drivers/node: Show in sysfs node's crypto capabilities"
Next in thread: Mike Rapoport: "Re: [PATCH v6 6/6] drivers/node: Show in sysfs node's crypto capabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Feb 06, 2022 at 07:39:46PM -0800, Kees Cook wrote:
> Oh, this seems weird to me, as I'd expect it to show up since the CPU is
> _capable_ of it, even if it's not in use. (Am I really using avx512vl,
> e.g.?)

We're trying to put feature flags in /proc/cpuinfo which mean that the
kernel supports the feature - not every CPUID bit out there. For that
there's tools/arch/x86/kcpuid/kcpuid.c

Otherwise /proc/cpuinfo becomes a dumping ground for feature flags and
there's no shortage of those.

> But as you point out later, it does work that way for a lot of things
> and boot params. If this is the way things are supposed to be done,
> it looks like we should wire up "nx" vs "noexec=off" boot param to do

See here:

https://lore.kernel.org/r/20220127115626.14179-1-bp@xxxxxxxxx

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Next message: Greg KH: "Re: [PATCH] x86/mm, mm/hwpoison: fix unmap kernel 1:1 pages"
Previous message: Dan Carpenter: "Re: [PATCH] staging: pi433: remove need to recompile code to debug fifo content"
In reply to: Kees Cook: "Re: [PATCH v6 6/6] drivers/node: Show in sysfs node's crypto capabilities"
Next in thread: Mike Rapoport: "Re: [PATCH v6 6/6] drivers/node: Show in sysfs node's crypto capabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]