From: Oliver Pinter
To: Kostik Belousov
Cc: freebsd-hackers@freebsd.org
Date: Wed, 18 May 2011 20:48:01 +0200
Subject: Re: Fwd: [PATCH v2 3/4] x86, head_32/64.S: Enable SMEP

On 5/18/11, Kostik Belousov wrote:
> On Wed, May 18, 2011 at 10:50:30AM -0400, John Baldwin wrote:
>> On Wednesday, May 18, 2011 8:31:15 am Oliver Pinter wrote:
>> > On 5/18/11, Kostik Belousov wrote:
>> > > On Wed, May 18, 2011 at 02:03:07AM +0200, Oliver Pinter wrote:
>> > >> ---------- Forwarded message ----------
>> > >> From: Fenghua Yu
>> > >> Date: Mon, 16 May 2011 14:34:44 -0700
>> > >> Subject: [PATCH v2 3/4] x86, head_32/64.S: Enable SMEP
>> > >> To: Ingo Molnar, Thomas Gleixner, H Peter Anvin, Asit K Mallick,
>> > >> Linus Torvalds, Avi Kivity, Arjan van de Ven, Andrew Morton,
>> > >> Andi Kleen
>> > >> Cc: linux-kernel, Fenghua Yu
>> > >>
>> > >>
>> > >> From: Fenghua Yu
>> > >>
>> > >> Enable newly documented SMEP (Supervisor Mode Execution Protection) CPU
>> > >> feature in kernel.
>> > >>
>> > >> SMEP prevents the CPU in kernel-mode to jump to an executable page that
>> > >> does not have the kernel/system flag set in the pte. This prevents the
>> > >> kernel from executing user-space code accidentally or maliciously, so it
>> > >> for example prevents kernel exploits from jumping to specially prepared
>> > >> user-mode shell code. The violation will cause page fault #PF and will
>> > >> have error code identical to XD violation.
>> > >>
>> > >> CR4.SMEP (bit 20) is 0 at power-on. If the feature is supported by CPU
>> > >> (X86_FEATURE_SMEP), enable SMEP by setting CR4.SMEP. New kernel
>> > >> option nosmep disables the feature even if the feature is supported
>> > >> by CPU.
>> > >>
>> > >> Signed-off-by: Fenghua Yu
>> > >
>> > > So, where is the mentioned documentation for SMEP? Rev. 38 of the
>> > > Intel(R) 64 and IA-32 Architectures Software Developer's Manual does
>> > > not contain the description, at least at the places where I looked and
>> > > expected to find it.
>> >
>> > http://www.intel.com/Assets/PDF/manual/325384.pdf
>> >
>> > Intel(R) 64 and IA-32 Architectures Software Developer's Manual
>> > Volume 3 (3A & 3B):
>> > System Programming Guide
>>
>> Which revision? It is not documented in revision 38 from April 2011.
>>
>> I just downloaded that link, and it is still revision 38 and has no
>> mention

No, under the original Intel link I find rev. 39

Order Number: 325384-039US
May 2011

uploaded here: http://oliverp.teteny.bme.hu/up/325384.pdf

>> 'SMEP'. Also, bit 20 of CR4 is still marked as Reserved in that manual
>> (section 2.5).
> This is exactly what I said about rev. 38 in my original reply.
>
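
The enable logic and fault behaviour described in the forwarded commit message, as a small user-space C model (an added example, not code from the Linux patch or from FreeBSD). The function names and the single-PTE simplification are assumptions; CPUID.(EAX=7,ECX=0):EBX bit 7 is the SMEP feature flag, and the PTE and #PF error-code bit positions are the architectural ones.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define CPUID7_EBX_SMEP (1u << 7)     /* CPUID.(EAX=7,ECX=0):EBX bit 7 */
#define CR4_SMEP        (1ull << 20)  /* bit 20, as stated in the commit message */
#define PTE_P   (1ull << 0)           /* present */
#define PTE_US  (1ull << 2)           /* 1 = user page, 0 = kernel/system page */
#define PTE_XD  (1ull << 63)          /* execute-disable */
#define PF_P    (1u << 0)             /* fault on a present page */
#define PF_US   (1u << 2)             /* access came from user mode */
#define PF_ID   (1u << 4)             /* fault on an instruction fetch */

/* Boot-time decision from the commit message: set CR4.SMEP only when the CPU
 * reports the feature and "nosmep" was not given on the kernel command line. */
uint64_t smep_setup_cr4(uint64_t cr4, uint32_t cpuid7_ebx, bool nosmep)
{
    if ((cpuid7_ebx & CPUID7_EBX_SMEP) && !nosmep)
        cr4 |= CR4_SMEP;
    return cr4;
}

/* Model of an instruction fetch through one effective PTE (simplification:
 * real hardware combines U/S and XD across all paging levels; XD is assumed
 * enabled). Returns 0 if the fetch is allowed, else the #PF error code. */
uint32_t fetch_fault_code(uint64_t cr4, bool user_mode, uint64_t pte)
{
    uint32_t mode = user_mode ? PF_US : 0;
    if (!(pte & PTE_P))
        return PF_ID | mode;              /* not present: P bit stays clear */
    if (user_mode && !(pte & PTE_US))
        return PF_P | PF_ID | mode;       /* user fetch from a kernel page */
    if (pte & PTE_XD)
        return PF_P | PF_ID | mode;       /* XD violation */
    if (!user_mode && (pte & PTE_US) && (cr4 & CR4_SMEP))
        return PF_P | PF_ID;              /* SMEP violation */
    return 0;
}

int main(void)
{
    uint64_t user_code = PTE_P | PTE_US;  /* constructed PTE: executable user page */
    uint64_t cr4 = smep_setup_cr4(0, CPUID7_EBX_SMEP, false);
    printf("SMEP on : %#x\n", fetch_fault_code(cr4, false, user_code));
    printf("SMEP off: %#x\n", fetch_fault_code(0, false, user_code));
    return 0;
}
```

A kernel-mode fetch from a user page with CR4.SMEP set and a kernel-mode fetch from an XD page produce the same error code in this model, which is why a fault handler has to look at the U/S bit of the faulting page to tell the two apart.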