I have more carefully tested the proposed removal of the NT flag
clearing on lcall entry.

The question I wanted to answer is: is it necessary to clear NT in the
sysenter entry path as implemented for lcall7/lcall27 or is it possible
to remove the flag manipulation from do_lcall?

Doing it only for one and not the other looks wrong since several return
paths are shared, especially the ones which end up in iret, the only
instruction which is affected by the NT flag.

The conclusion is that 2.5 is NT safe (had to dig out an old P5-133 which
I could crash without fear of data loss, so I have only tested on 1
machine). The reason this cleanup works is that now (since Jan 5th) flags
are saved and restored in switch_to() to keep IOPL private to a process
even when using sysenter/sysexit.

The side effect of that patch is that NT becomes also process-private
instead of infecting all processes and triggering a killfest of all user
mode processes, including init (AFAICT kernel threads survived, but I
did not have any debug tools enabled in the kernel).

The only addition to the preceding version is that interrupts are
reenabled in the iret fixup path because it seems that do_exit() might
otherwise spend quite some time with interrupts disabled.