While the reset value of the register is 0, it might not be after kexec/etc.
If PKEY0.{WD,AD} have leaked in from an earlier context, construction of a PV
dom0 will explode.
Sequencing wise, this must come after setting CR4.PKE, and before we touch any
user mappings.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
write_debugreg(6, X86_DR6_DEFAULT);
write_debugreg(7, X86_DR7_DEFAULT);
+ if (cpu_has_pku)
+ wrpkru(0);
+
/*
* If the platform is performing a Secure Launch via SKINIT, GIF is
* clear to prevent external interrupts interfering with Secure
/* CPUID level 0x00000007:0.ecx */
#define cpu_has_avx512_vbmi boot_cpu_has(X86_FEATURE_AVX512_VBMI)
+#define cpu_has_pku boot_cpu_has(X86_FEATURE_PKU)
#define cpu_has_avx512_vbmi2 boot_cpu_has(X86_FEATURE_AVX512_VBMI2)
#define cpu_has_gfni boot_cpu_has(X86_FEATURE_GFNI)
#define cpu_has_vaes boot_cpu_has(X86_FEATURE_VAES)
if ( boot_cpu_has(X86_FEATURE_FSGSBASE) )
set_in_cr4(X86_CR4_FSGSBASE);
- if ( boot_cpu_has(X86_FEATURE_PKU) )
+ if ( cpu_has_pku )
set_in_cr4(X86_CR4_PKE);
if ( opt_invpcid && cpu_has_invpcid )
projects / xen.git / commitdiff