From owner-freebsd-hackers@FreeBSD.ORG Wed May 18 15:40:12 2011 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C4EBE106564A; Wed, 18 May 2011 15:40:12 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from mail.zoral.com.ua (mx0.zoral.com.ua [91.193.166.200]) by mx1.freebsd.org (Postfix) with ESMTP id 62A2D8FC0C; Wed, 18 May 2011 15:40:11 +0000 (UTC) Received: from deviant.kiev.zoral.com.ua (root@deviant.kiev.zoral.com.ua [10.1.1.148]) by mail.zoral.com.ua (8.14.2/8.14.2) with ESMTP id p4IFe7O1015166 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 18 May 2011 18:40:07 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1]) by deviant.kiev.zoral.com.ua (8.14.4/8.14.4) with ESMTP id p4IFe72Q000963; Wed, 18 May 2011 18:40:07 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: (from kostik@localhost) by deviant.kiev.zoral.com.ua (8.14.4/8.14.4/Submit) id p4IFe7VD000962; Wed, 18 May 2011 18:40:07 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to kostikbel@gmail.com using -f Date: Wed, 18 May 2011 18:40:07 +0300 From: Kostik Belousov To: John Baldwin Message-ID: <20110518154007.GR48734@deviant.kiev.zoral.com.ua> References: <1305581685-5144-1-git-send-email-fenghua.yu@intel.com> <20110518010353.GQ48734@deviant.kiev.zoral.com.ua> <201105181050.30128.jhb@freebsd.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="mqabeeRFEDQfpoIl" Content-Disposition: inline In-Reply-To: <201105181050.30128.jhb@freebsd.org> User-Agent: Mutt/1.4.2.3i X-Virus-Scanned: clamav-milter 0.95.2 at skuns.kiev.zoral.com.ua X-Virus-Status: Clean X-Spam-Status: No, score=-3.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, DNS_FROM_OPENWHOIS autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on skuns.kiev.zoral.com.ua Cc: freebsd-hackers@freebsd.org, Oliver Pinter Subject: Re: Fwd: [PATCH v2 3/4] x86, head_32/64.S: Enable SMEP X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 May 2011 15:40:12 -0000 --mqabeeRFEDQfpoIl Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, May 18, 2011 at 10:50:30AM -0400, John Baldwin wrote: > On Wednesday, May 18, 2011 8:31:15 am Oliver Pinter wrote: > > On 5/18/11, Kostik Belousov wrote: > > > On Wed, May 18, 2011 at 02:03:07AM +0200, Oliver Pinter wrote: > > >> ---------- Forwarded message ---------- > > >> From: Fenghua Yu > > >> Date: Mon, 16 May 2011 14:34:44 -0700 > > >> Subject: [PATCH v2 3/4] x86, head_32/64.S: Enable SMEP > > >> To: Ingo Molnar , Thomas Gleixner , > > >> H Peter Anvin , Asit K Mallick > > >> , Linus Torvalds > > >> , Avi Kivity , Arjan > > >> van de Ven , Andrew Morton > > >> , Andi Kleen > > >> Cc: linux-kernel , Fenghua Yu > > >> > > >> > > >> From: Fenghua Yu > > >> > > >> Enable newly documented SMEP (Supervisor Mode Execution Protection) = CPU > > >> feature in kernel. > > >> > > >> SMEP prevents the CPU in kernel-mode to jump to an executable page t= hat > > >> does > > >> not have the kernel/system flag set in the pte. This prevents the ke= rnel > > >> from executing user-space code accidentally or maliciously, so it for > > >> example > > >> prevents kernel exploits from jumping to specially prepared user-mode > > >> shell > > >> code. The violation will cause page fault #PF and will have error co= de > > >> identical to XD violation. > > >> > > >> CR4.SMEP (bit 20) is 0 at power-on. If the feature is supported by C= PU > > >> (X86_FEATURE_SMEP), enable SMEP by setting CR4.SMEP. New kernel > > >> option nosmep disables the feature even if the feature is supported = by > > >> CPU. > > >> > > >> Signed-off-by: Fenghua Yu > > > > > > So, where is the mentioned documentation for SMEP ? Rev. 38 of the > > > Intel(R) 64 and IA-32 Architectures Software Developer's Manual does > > > not contain the description, at least at the places where I looked and > > > expected to find it. > >=20 > > http://www.intel.com/Assets/PDF/manual/325384.pdf > >=20 > > Intel? 64 and IA-32 Architectures Software Developer?s Manual > > Volume 3 (3A & 3B): > > System Programming Guide >=20 > Which revision? It is not documented in revision 38 from April 2011. >=20 > I just downloaded that link, and it is still revision 38 and has no menti= on=20 > 'SMEP'. Also, bit 20 of CR4 is still marked as Reserved in that manual= =20 > (section 2.5). This is exactly what I said about rev. 38 in my original reply. --mqabeeRFEDQfpoIl Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (FreeBSD) iEYEARECAAYFAk3T6FcACgkQC3+MBN1Mb4i6bACgxDsmB8Xdzjrx728CaaFis+sd 5v0AoKnzcbE0AAWzbNh6ayeULLg6/0tv =1K4X -----END PGP SIGNATURE----- --mqabeeRFEDQfpoIl--