On Mon, Mar 11, 2019 at 12:23 PM Linus Torvalds <torva...@linux-foundation.org> wrote:
> On Mon, Mar 11, 2019, 12:14 Kees Cook <keesc...@chromium.org> wrote:
>>
>> >
>> >         this_cpu_write(cpu_tlbstate.cr4, __read_cr4() | cr4_pin);
>> >
>> ..
>>
>> The protection needs to be around the actual "mov %rdi, %cr4" that
>> native_write_cr4() exposes,
>
> You misunderstand.
>
> The above is just the "initialise cr4 shadow cache" case.
>
> If you do the above, I think we may have cr4 values initialised early enough
> that all CPUs can then just use the "check that the pinned bits were set"
> unconditionally in the actual routine that changes cr4.
Oh! I see what you mean -- separate the or and test. Okay, I'll look at that too.

-- 
Kees Cook
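The split Linus describes, as an added user-space model that is not the kernel's code: the boot-time path ORs the pinned bits into CR4 and seeds the shadow cache, while the runtime write routine only tests that the pinned bits are still present and repairs the value if they are not. `fake_cr4`, `cr4_shadow`, `pin_violations` and the function names are constructed for the example; only the SMEP/SMAP bit positions are the real CR4 ones.

```c
#include <stdio.h>

/* Constructed model of CR4 pinning; the "register" is a plain variable. */
#define X86_CR4_SMEP (1UL << 20)   /* real CR4 bit positions */
#define X86_CR4_SMAP (1UL << 21)

static unsigned long fake_cr4;       /* stands in for the hardware register */
static unsigned long cr4_pin;        /* bits that must never be cleared */
static unsigned long cr4_shadow;     /* cached copy, like cpu_tlbstate.cr4 */
static unsigned int pin_violations;  /* writes that tried to drop a pinned bit */

static unsigned long read_cr4(void)
{
    return fake_cr4;
}

/* Boot-time path: the only place the OR happens. Pinned bits are set once
 * and the shadow cache is initialised from the resulting register value. */
static void cr4_init_shadow(void)
{
    cr4_pin = X86_CR4_SMEP | X86_CR4_SMAP;
    fake_cr4 |= cr4_pin;
    cr4_shadow = read_cr4();
}

/* Runtime write path: no OR here, only the test. A value missing any pinned
 * bit is logged, counted, and the pinned bits are forced back in before the
 * write reaches the register, so the drop is detected rather than honoured. */
static void write_cr4(unsigned long val)
{
    if ((val & cr4_pin) != cr4_pin) {
        pin_violations++;
        fprintf(stderr, "cr4 pin violation: value %#lx lacks pinned %#lx\n",
                val, cr4_pin);
        val |= cr4_pin;
    }
    fake_cr4 = val;
    cr4_shadow = val;
}
```

Unrelated bits (PGE, PCIDE and the like) pass through untouched; only clearing a bit in `cr4_pin` trips the check.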