The "else" branch is to disable LASS for every cpu. Addition to clear the CR4 bit, it would be better to clear cpu feature id for consistent result in every CPU as well, otherwise, we could see the feature id is cleared in the boot-cpu only, for example, if user enables vsyscall.+static __always_inline void setup_lass(struct cpuinfo_x86 *c)
+{
+ if (cpu_feature_enabled(X86_FEATURE_LASS)) {
+ cr4_set_bits(X86_CR4_LASS);
+ } else {
+ /*
+ * only clear the feature and cr4 bits when hardware
+ * supports LASS, in case it was enabled in a previous
+ * boot (e.g., via kexec)
+ */
+ if (cpu_has(c, X86_FEATURE_LASS)) {
+ cr4_clear_bits(X86_CR4_LASS);
+ clear_cpu_cap(c, X86_FEATURE_LASS);
+ }
+ }
+}
I am quite confused by the "else" code flow. Can you please help understand how this code path would be exercised?
Also, why don't other features such as SMAP or SMEP need this type of handling?It seems there is no need to have such if-else for SMAP/SMEP since the X86_SMAP/SMEP was gone from arch/x86/Kconfig.
I did not test if pinning code works as commented: "/* These bits should not change their value after CPU init is finished. */"
Also, how does the CR4 pinning code in the following patch play into this?
+
/* These bits should not change their value after CPU init is finished. */
static const unsigned long cr4_pinned_mask =
X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_UMIP |
@@ -1848,6 +1865,7 @@ static void identify_cpu(struct cpuinfo_x86 *c)
setup_smep(c);
setup_smap(c);
setup_umip(c);
+ setup_lass(c);