public inbox for linux-kernel@vger.kernel.org
From: Yao Zi <me@ziyao.cc>
To: Andrew Cooper <andrew.cooper3@citrix.com>,
	Thomas Gleixner <tglx@kernel.org>, Ingo Molnar <mingo@redhat.com>,
	Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	"H. Peter Anvin" <hpa@zytor.com>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org
Subject: Re: [PATCH] x86/cpu/centaur: Disable X86_FEATURE_FSGSBASE on Zhaoxin C4600
Date: Mon, 2 Mar 2026 05:08:23 +0000
Message-ID: <aaUbR-vuxmuRhAsC@pie>
In-Reply-To: <05f84fa5-d0df-4bab-80a6-5ff2c418b5ec@citrix.com>

On Sun, Mar 01, 2026 at 04:29:13PM +0000, Andrew Cooper wrote:
> On 28/02/2026 5:37 pm, Yao Zi wrote:
> > Zhaoxin C4600, which names itself as CentaurHauls, claims
> > X86_FEATURE_FSGSBASE support in CPUID, while execution of fsgsbase-
> > related instructions fails with #UD exception. This will cause kernel
> > to crash early in current_save_fsgs().
> 
> #UD is the expected behaviour of the FSGS instructions if they're not
> enabled.
> 
> Are you saying that this specific CPU enumerates FSGSBASE in CPUID, and
> permits setting CR4.FSGSBASE (without #GP for a reserved bit), and the
> FSGS instructions still do not function?

Yes. Without any workarounds, the kernel crashes in current_save_fsgs(),
which is the first use site of rdfsbase, instead of identify_cpu() where
CR4.FSGSBASE is set up.

> What happens if you read CR4 back after trying to set the bit?

CR4.FSGSBASE is set correctly. I wrote a small patch for testing:

diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 1c3261cae40c..d89a2cc71147 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -2048,8 +2048,13 @@ static void identify_cpu(struct cpuinfo_x86 *c)
 	setup_lass(c);
 
 	/* Enable FSGSBASE instructions if available. */
-	if (cpu_has(c, X86_FEATURE_FSGSBASE)) {
+	if (1) {
+		pr_info("%s: enabling FSGSBASE\n", __func__);
+		pr_info("%s: before enabling, CR4 = 0x%lx\n",
+			__func__, native_read_cr4());
 		cr4_set_bits(X86_CR4_FSGSBASE);
+		pr_info("%s: after enabling, CR4 = 0x%lx\n",
+			__func__, native_read_cr4());
 		elf_hwcap2 |= HWCAP2_FSGSBASE;
 	}
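
Review bot: the `if (1)` replacing `cpu_has(c, X86_FEATURE_FSGSBASE)` also makes `elf_hwcap2 |= HWCAP2_FSGSBASE` unconditional, so this test build sets the CR4 bit and advertises the capability to user space regardless of what CPUID enumerates. Since the CPU in question already enumerates the feature, keeping the original condition and adding only the three pr_info() calls inside it would give the same trace while matching the path an unmodified kernel takes. Printing `!!(native_read_cr4() & X86_CR4_FSGSBASE)` next to the raw value would also spare readers from decoding the hex by hand.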

On the BSP I got:

[    0.298016] identify_cpu: enabling FSGSBASE
[    0.298021] identify_cpu: before enabling, CR4 = 0x1200b0
[    0.298027] identify_cpu: after enabling, CR4 = 0x1300b0

and on APs, CR4.FSGSBASE seems to be set by default,

[    0.414981] smp: Bringing up secondary CPUs ...
[    0.415211] smpboot: x86: Booting SMP configuration:
[    0.415219] .... node  #0, CPUs:      #1 #2 #3
[    0.001869] identify_cpu: enabling FSGSBASE
[    0.001869] identify_cpu: before enabling, CR4 = 0x1706b0
[    0.001869] identify_cpu: after enabling, CR4 = 0x1706b0

> ~Andrew

Regards,
Yao Zi
