Re: [PATCH v8 09/12] x86/cpu: Add a configuration and command line option for Key Locker

From: Chang S. Bae
Date: Sun Jun 04 2023 - 18:14:07 EST

Next message: Stephen Rothwell: "linux-next: duplicate patches in the v4l-dvb-next tree"
Previous message: Chang S. Bae: "Re: [PATCH v8 10/12] crypto: x86/aesni - Use the proper data type in struct aesni_xts_ctx"
In reply to: Borislav Petkov: "Re: [PATCH v8 09/12] x86/cpu: Add a configuration and command line option for Key Locker"
Next in thread: Chang S. Bae: "[PATCH v8 07/12] x86/cpu/keylocker: Load a wrapping key at boot-time"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 6/3/2023 9:37 AM, Borislav Petkov wrote:

On Sat, Jun 03, 2023 at 08:22:24AM -0700, Chang S. Bae wrote:

+static __init int x86_nokeylocker_setup(char *arg)
+{
+ /* Expect an exact match without trailing characters. */
+ if (strlen(arg))
+ return 0;
+
+ if (!cpu_feature_enabled(X86_FEATURE_KEYLOCKER))
+ return 1;
+
+ setup_clear_cpu_cap(X86_FEATURE_KEYLOCKER);
+ pr_info("x86/keylocker: Disabled by kernel command line.\n");
+ return 1;
+}
+__setup("nokeylocker", x86_nokeylocker_setup);

Can we stop adding those just to remove them at some point later but
simply do:

clearcpuid=keylocker

?

Oh, I was not sure about this policy. Thanks, now I'm glad that I have confidence in removing this.

Chang

Next message: Stephen Rothwell: "linux-next: duplicate patches in the v4l-dvb-next tree"
Previous message: Chang S. Bae: "Re: [PATCH v8 10/12] crypto: x86/aesni - Use the proper data type in struct aesni_xts_ctx"
In reply to: Borislav Petkov: "Re: [PATCH v8 09/12] x86/cpu: Add a configuration and command line option for Key Locker"
Next in thread: Chang S. Bae: "[PATCH v8 07/12] x86/cpu/keylocker: Load a wrapping key at boot-time"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]