From nobody Thu Apr 2 19:00:03 2026 Received: from mail-06.mail-europe.com (mail-06.mail-europe.com [85.9.210.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E0646221F11 for ; Thu, 12 Feb 2026 15:34:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=85.9.210.45 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770910501; cv=none; b=J1Yt8Verhu2fmuD1Wr+Hf0cSSpSk/gbtAHKqHgqF69lg4K9Ir1TnZ7H10cA+1kvKt/a4fmuOpfxkiY0jr4+BtnLXw+z/v9zMHQ/IWaXLu4ikDgbvBYm5pQz8OEBsufVV9e8/qrUqs+ujNn1zGfNg/atOqxESTGzTsa9DiIfkmLg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770910501; c=relaxed/simple; bh=GKU97sFrDJU9ubg2pcOiS88y9fxPx469uJTR7aE6ieM=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=VSNfTBrgMidNhxQcKi8GiOvc0b2YPqAc5p+2Bzs1WcRJj5r3XrIlIsuAwZhK6eMfc0sy+wdii97N6DbVLf8AQJw9Og4sXAZsIZlwALccPVFPkOazdmoDQGbHCNbqc1EVpSUlVu1K3nw0CpDvfOLp3SNAl7CzmaHMGUU7+mYDObk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=pm.me; spf=pass smtp.mailfrom=pm.me; dkim=pass (2048-bit key) header.d=pm.me header.i=@pm.me header.b=LkvNi11u; arc=none smtp.client-ip=85.9.210.45 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=pm.me Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=pm.me Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=pm.me header.i=@pm.me header.b="LkvNi11u" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pm.me; s=protonmail3; t=1770910483; x=1771169683; bh=4M+Owbd0HeHgku23Jntag7YvEbhLlJDH/9jpPFuXA6I=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=LkvNi11ucnkDX/2xnpTUxpj/bCdwE7jsGSoECQXV5bYHUB2FR14P/tWdKaT0/+meO lS5AQ1VDp2eUI7fH5wPoAcuBLQ1SErjdxA8Hy01o0Pp2PWovt1lEQHPKJE9YSn0pRO SdNKYKVcLZTFfTi1lSTFBdfWqUPxtc9nT9PP1m2lDjdmC93oX28oqI7uupScMmA04G tFut9ZKv7RCz3pygvKsgF++U8hUJLrmjzjjEWLJcP2TNgQMuph7PVUe8InR648u3Uc W63m/yOzKfq7cB59BVAzVtBKJol9RSHf+dkxQpiHDrTcngubAuEuCxjSYwGjZqUEI+ EJSjcEOGM87eg== Date: Thu, 12 Feb 2026 15:34:38 +0000 To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" From: Maciej Wieczor-Retman Cc: m.wieczorretman@pm.me, pawel.chmielewski@linux.intel.com, Farrah Chen , Maciej Wieczor-Retman , stable@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v5 1/3] x86/cpu: Clear feature bits disabled at compile-time Message-ID: <32fbbfc16974cfed11e7d2651bce836ba9ceaccc.1770908783.git.m.wieczorretman@pm.me> In-Reply-To: References: Feedback-ID: 164464600:user:proton X-Pm-Message-ID: 13dc42a1ba63ab0ef2e91884790de5ad50f75227 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Maciej Wieczor-Retman If some config options are disabled during compile time, they still are enumerated in macros that use the x86_capability bitmask - cpu_has() or this_cpu_has(). The features are also visible in /proc/cpuinfo even though they are not enabled - which is contrary to what the documentation states about the file. Examples of such feature flags are lam, fred, sgx, ibrs_enhanced, split_lock_detect, user_shstk, avx_vnni and enqcmd. Through the cpufeaturemasks.awk script add a DISABLED_MASK_INITIALIZER macro that creates an initializer list filled with DISABLED_MASKx bitmasks. At the same time add a REQUIRED_MASK_INITIALIZER that can be used for a sanity check of whether all the required feature bits are set at the end of cpu identification. Initialize the cpu_caps_cleared array with the autogenerated disabled bitmask. apply_forced_caps() will clear the corresponding bits in boot_cpu_data.x86_capability[] and other secondary cpus' cpu_data.x86_capability[]. Thus features disabled at compile time won't show up in /proc/cpuinfo. Reported-by: Farrah Chen Closes: https://bugzilla.kernel.org/show_bug.cgi?id=3D220348 Signed-off-by: Maciej Wieczor-Retman Cc: # 6.18.x --- arch/x86/kernel/cpu/common.c | 3 ++- arch/x86/tools/cpufeaturemasks.awk | 6 ++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index e7ab22fce3b5..8d12c5722245 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -732,7 +732,8 @@ static const char *table_lookup_model(struct cpuinfo_x8= 6 *c) } =20 /* Aligned to unsigned long to avoid split lock in atomic bitmap ops */ -__u32 cpu_caps_cleared[NCAPINTS + NBUGINTS] __aligned(sizeof(unsigned long= )); +__u32 cpu_caps_cleared[NCAPINTS + NBUGINTS] __aligned(sizeof(unsigned long= )) =3D + DISABLED_MASK_INITIALIZER; __u32 cpu_caps_set[NCAPINTS + NBUGINTS] __aligned(sizeof(unsigned long)); =20 #ifdef CONFIG_X86_32 diff --git a/arch/x86/tools/cpufeaturemasks.awk b/arch/x86/tools/cpufeature= masks.awk index 173d5bf2d999..b7f4e775a365 100755 --- a/arch/x86/tools/cpufeaturemasks.awk +++ b/arch/x86/tools/cpufeaturemasks.awk @@ -82,6 +82,12 @@ END { } printf " 0\t\\\n"; printf "\t) & (1U << ((x) & 31)))\n\n"; + + printf "\n#define %s_MASK_INITIALIZER\t\t\t\\", s; + printf "\n\t{\t\t\t\t\t\t\\"; + for (i =3D 0; i < ncapints; i++) + printf "\n\t\t%s_MASK%d,\t\t\t\\", s, i; + printf "\n\t}\n\n"; } =20 printf "#endif /* _ASM_X86_CPUFEATUREMASKS_H */\n"; --=20 2.53.0 From nobody Thu Apr 2 19:00:03 2026 Received: from mail-244116.protonmail.ch (mail-244116.protonmail.ch [109.224.244.116]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A3C36208D0 for ; Thu, 12 Feb 2026 15:35:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=109.224.244.116 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770910514; cv=none; b=uMVh360oUyPLGAF1GEEFn/LmZLeq8SB/xq3JagiNG60eNF+xI/wrut75EvOzaFq7XECfBMja4kC90NHR2wJ2Jl6N70MVnLlTEzoqLdjrmYCnf7LihIBXXUHHLkm8IIDNYfds22BoHCL/pV24VpO9lbAO5G4pOkEQFOTpPasz2AU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770910514; c=relaxed/simple; bh=rFFRTyiZShwLcbB/FgEzqO0dLPAGInQeVzGKDS+HTMc=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=drCCMFr+7yATRG301PwGEwcHcAUl8JZvQE+0HYTmE1Nxpt0GBIr2xLe4jXfaKtd9rWCte2FvK9Q5gCepaHOGnU6dGG71gj4G9iLecs79XrLKV8p61IYei5i1c/66yP4U++Ii4J9Um2cC7Nf8dKzwuELbBOOK7p8VW1dcy4FNWtI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=pm.me; spf=pass smtp.mailfrom=pm.me; dkim=pass (2048-bit key) header.d=pm.me header.i=@pm.me header.b=ijnwd1FD; arc=none smtp.client-ip=109.224.244.116 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=pm.me Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=pm.me Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=pm.me header.i=@pm.me header.b="ijnwd1FD" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pm.me; s=protonmail3; t=1770910504; x=1771169704; bh=W0A9N2Fw8pqBE/WkeOiFSoSBigIQ6Y0Owh+Jgu01drc=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=ijnwd1FDpWd9fVDusMmFW36B92aS4bfNaelVcCnyc3WKBbj2uS4W9sCsYgk/Zhpcs zQr6jIdwEv9Cv3tKm1lwpBuPAPTzzzlHoQlhBq9wagMbvQNmW5SFIwHDpyIOBKBtfv r2R/a35fnXK5UR8gVHlNaTukLO4actgTDzi5e20vzDRYA7V9x3W64edO4DK6WXP0Sb b4iHJIkczDLpS92HDK9edLJ16mViwKvjScZqA8tg0VOFYHd5gWDsuMFPtwbsnrtDFJ RdLq82lRfFyPUf5eivZzc9FMHJZA86qiVhQvkM9oow7i7DVRyvgLX0yw7po+0/zlhQ lxmAAPdsra2Lg== Date: Thu, 12 Feb 2026 15:35:01 +0000 To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra From: Maciej Wieczor-Retman Cc: m.wieczorretman@pm.me, pawel.chmielewski@linux.intel.com, Maciej Wieczor-Retman , linux-kernel@vger.kernel.org Subject: [PATCH v5 2/3] x86/cpu: Check if feature string is non-zero Message-ID: In-Reply-To: References: Feedback-ID: 164464600:user:proton X-Pm-Message-ID: fff179b6ef81bac0a26a845542ae3806d2dfe9a6 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Maciej Wieczor-Retman In filter_cpuid_features, x86_cap_flags[] is read, but it's not verified whether the string is non-zero which could lead to unwanted output. In two more places there are open coded paths that try to retrieve a feature string, and if there isn't one, the feature word and bit are returned instead. Add a helper that verifies the feature string in filter_cpuid_features() is non-zero, and also cleans up the open coded paths mentioned above. Signed-off-by: Maciej Wieczor-Retman --- arch/x86/kernel/cpu/common.c | 25 ++++++++++++++++++++----- arch/x86/kernel/cpu/cpuid-deps.c | 21 +++------------------ include/linux/cpu.h | 2 ++ 3 files changed, 25 insertions(+), 23 deletions(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 8d12c5722245..7aede0760ebc 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -697,7 +697,7 @@ static void filter_cpuid_features(struct cpuinfo_x86 *c= , bool warn) continue; =20 pr_warn("CPU: CPU feature %s disabled, no CPUID level 0x%x\n", - x86_cap_flags[df->feature], df->level); + x86_cap_name(df->feature), df->level); } } =20 @@ -1651,10 +1651,7 @@ static inline bool parse_set_clear_cpuid(char *arg, = bool set) setup_clear_cpu_cap(bit); } /* empty-string, i.e., ""-defined feature flags */ - if (!x86_cap_flags[bit]) - pr_cont(" %d:%d\n", bit >> 5, bit & 31); - else - pr_cont(" %s\n", x86_cap_flags[bit]); + pr_cont(" %s\n", x86_cap_name(bit)); =20 taint++; } @@ -1972,6 +1969,24 @@ static void generic_identify(struct cpuinfo_x86 *c) #endif } =20 +const char *x86_cap_name(unsigned int bit) +{ + unsigned int word =3D bit >> 5; + static char undef_buf[16]; + const char *name =3D NULL; + + if (likely(word < NCAPINTS)) + name =3D x86_cap_flags[bit]; + else if (likely(word < NCAPINTS + NBUGINTS)) + name =3D x86_bug_flags[bit - 32 * NCAPINTS]; + + if (name) + return name; + + snprintf(undef_buf, sizeof(undef_buf), "%u:%u", word, bit & 31); + return undef_buf; +} + /* * This does the hard work of actually picking apart the CPU stuff... */ diff --git a/arch/x86/kernel/cpu/cpuid-deps.c b/arch/x86/kernel/cpu/cpuid-d= eps.c index 146f6f8b0650..1106a5476dca 100644 --- a/arch/x86/kernel/cpu/cpuid-deps.c +++ b/arch/x86/kernel/cpu/cpuid-deps.c @@ -2,6 +2,7 @@ #include #include #include +#include #include =20 struct cpuid_dep { @@ -156,24 +157,8 @@ void setup_clear_cpu_cap(unsigned int feature) do_clear_cpu_cap(NULL, feature); } =20 -/* - * Return the feature "name" if available, otherwise return - * the X86_FEATURE_* numerals to make it easier to identify - * the feature. - */ -static const char *x86_feature_name(unsigned int feature, char *buf) -{ - if (x86_cap_flags[feature]) - return x86_cap_flags[feature]; - - snprintf(buf, 16, "%d*32+%2d", feature / 32, feature % 32); - - return buf; -} - void check_cpufeature_deps(struct cpuinfo_x86 *c) { - char feature_buf[16], depends_buf[16]; const struct cpuid_dep *d; =20 for (d =3D cpuid_deps; d->feature; d++) { @@ -185,8 +170,8 @@ void check_cpufeature_deps(struct cpuinfo_x86 *c) */ pr_warn_once("x86 CPU feature dependency check failure: CPU%d has '%s' = enabled but '%s' disabled. Kernel might be fine, but no guarantees.\n", smp_processor_id(), - x86_feature_name(d->feature, feature_buf), - x86_feature_name(d->depends, depends_buf)); + x86_cap_name(d->feature), + x86_cap_name(d->depends)); } } } diff --git a/include/linux/cpu.h b/include/linux/cpu.h index 487b3bf2e1ea..8b2176561f29 100644 --- a/include/linux/cpu.h +++ b/include/linux/cpu.h @@ -229,4 +229,6 @@ static inline bool cpu_attack_vector_mitigated(enum cpu= _attack_vectors v) #define smt_mitigations SMT_MITIGATIONS_OFF #endif =20 +const char *x86_cap_name(unsigned int bit); + #endif /* _LINUX_CPU_H_ */ --=20 2.53.0 From nobody Thu Apr 2 19:00:03 2026 Received: from mail-10629.protonmail.ch (mail-10629.protonmail.ch [79.135.106.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 123DA261573 for ; Thu, 12 Feb 2026 15:35:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=79.135.106.29 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770910521; cv=none; b=tKaUdxwmGcMcDkr7avo6iGWOSR7RI0Qh1aPhepkMjGn5dcg+KRger+OCl9TO3ol9Cb71nh5LpyQufj0FinSpA7w4eqlUXp04Jh6/zQX6+gODA9sy+cskiFimvLOG7laclMdSxG2MVThSN4LiRkSu46w/61JsuOH9qdCNzMCTFQM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770910521; c=relaxed/simple; bh=qPHU/iqPGo4QUaiikvj4I9zMeEeqhvSOaSIOtXjU5v8=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=lEZV33LK6RqaKA5XZav0+8W49jv9igunx9wwdTjENJoMH6/uhM57xOWYfhyhHj9uE6vI85ZaFyevGw8dD7q8YtRYIfommfYtwnPP3fP529bDpI1HVV3Rlt8zhji4unc9zXW9/5we/9JDQodLNRqOn47KUH4OORdFvaV45XcTFpc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=pm.me; spf=pass smtp.mailfrom=pm.me; dkim=pass (2048-bit key) header.d=pm.me header.i=@pm.me header.b=qnhhDvoU; arc=none smtp.client-ip=79.135.106.29 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=pm.me Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=pm.me Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=pm.me header.i=@pm.me header.b="qnhhDvoU" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pm.me; s=protonmail3; t=1770910518; x=1771169718; bh=+2td+hWXdeO7n5KKSpxBOjQhidpQ+z25dP3GgRIDo6g=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=qnhhDvoUWiPMhbG7w2WC+ymZqOQMxAZELNfsXosBWeOBuulyJO9x+h3rvlhHZQ9aD nXJXy+tiw680CF5joRpfNLwMAp7TKoyuEIx0hbVIeTOJI66Cd/pLEe/tTnLDNngLp3 mdobS2O65UBHwZmr3NR+0baJvEmhl8SHgl/zHpXpRpUzLo2uK+NIZU0fPG5DxmS0e2 qo7Hzqe+2wV0ZlyG0DJlqBdiSB0ZUw8vQKdreNB/Fn3PsWIACzo4tZlDw6IscqQ3iX yzH00aqfPBZ5pCTxP553XT9fN/8x8SZGOpyQVUl7+uI/P3+lF75y11tsry2uwLgwFg snmE8F1izV7ZQ== Date: Thu, 12 Feb 2026 15:35:13 +0000 To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" From: Maciej Wieczor-Retman Cc: m.wieczorretman@pm.me, pawel.chmielewski@linux.intel.com, Maciej Wieczor-Retman , linux-kernel@vger.kernel.org Subject: [PATCH v5 3/3] x86/cpu: Required feature bits sanity check Message-ID: <1bfbcdf7d2d7d5a1180e0de92d14cd6c246d5ea5.1770908783.git.m.wieczorretman@pm.me> In-Reply-To: References: Feedback-ID: 164464600:user:proton X-Pm-Message-ID: 685c61b2aeb6325055334ac04c07df5cf77b35eb Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Maciej Wieczor-Retman After cpu identification concludes, do a sanity check by comparing the final x86_capability bitmask with the pre-defined required feature bits. Signed-off-by: Maciej Wieczor-Retman Acked-by: H. Peter Anvin (Intel) --- arch/x86/kernel/cpu/common.c | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 7aede0760ebc..5cf4f7174be8 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -1987,6 +1987,36 @@ const char *x86_cap_name(unsigned int bit) return undef_buf; } =20 +/* + * As a sanity check compare the final x86_capability bitmask with the ini= tial + * predefined required feature bits. In case of a mismatch emit a warning = with + * the faulty bitmask value. + */ +static void verify_required_features(const struct cpuinfo_x86 *c) +{ + u32 missing[NCAPINTS] =3D REQUIRED_MASK_INITIALIZER; + u32 error =3D 0; + unsigned int i; + + for (i =3D 0; i < NCAPINTS; i++) { + missing[i] &=3D ~c->x86_capability[i]; + error |=3D missing[i]; + } + + if (!error) + return; /* All good */ + + /* + * At least one required feature is missing. Print a warning, + * and taint the kernel. + */ + pr_warn("cpu %d: missing required feature(s):", c->cpu_index); + for_each_set_bit(i, (void *)missing, NCAPINTS << 5) + pr_cont(" %s", x86_cap_name(i)); + pr_cont("\n"); + add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK); +} + /* * This does the hard work of actually picking apart the CPU stuff... */ @@ -2116,6 +2146,8 @@ static void identify_cpu(struct cpuinfo_x86 *c) mcheck_cpu_init(c); =20 numa_add_cpu(smp_processor_id()); + + verify_required_features(c); } =20 /* --=20 2.53.0