On 05/09/17 14:22, Jan Beulich wrote: > For XEN_SMEP and XEN_SMAP to not be cleared while bringing up APs we'd > need to clone the respective hack used for CPUID_FAULTING. Introduce an > inverse of setup_clear_cpu_cap() instead, but let clearing of features > overrule forced setting of them. > > XEN_SMAP being wrong post-boot is a problem specifically for live > patching, as a live patch may need alternative instruction patching > keyed off of that feature flag. > > Reported-by: Sarah Newman <secur...@prgmr.com> > Signed-off-by: Jan Beulich <jbeul...@suse.com>
Reviewed-by: Andrew Cooper <andrew.coop...@citrix.com> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel