Date: Tue, 5 Aug 2008 14:53:15 +0300 From: Kostik Belousov <kostikbel@gmail.com> To: Stanislav Sedov <stas@freebsd.org> Cc: Peter Jeremy <peterjeremy@optushome.com.au>, Poul-Henning Kamp <phk@phk.freebsd.dk>, Rui Paulo <rpaulo@freebsd.org>, current@freebsd.org, Coleman Kane <cokane@freebsd.org> Subject: Re: cpuctl(formely devcpu) patch test request Message-ID: <20080805115315.GE97161@deviant.kiev.zoral.com.ua> In-Reply-To: <20080805140324.9f53ba9b.stas@FreeBSD.org> References: <10261.1212703949@critter.freebsd.dk> <20080606025533.8322ee08.stas@FreeBSD.org> <1212758604.1904.33.camel@localhost> <20080615230250.7f3efae4.stas@FreeBSD.org> <1213557999.1816.15.camel@localhost> <20080616204433.48ad9879.stas@FreeBSD.org> <e1309ba60806161110x5f774fcdic2f5c7b2e7bcb83e@mail.gmail.com> <20080616222740.5cdd9490.stas@FreeBSD.org> <1213641761.2184.0.camel@localhost> <20080805140324.9f53ba9b.stas@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--wVZWOnidjbeavOSq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Aug 05, 2008 at 02:03:24PM +0400, Stanislav Sedov wrote: > On Mon, 16 Jun 2008 14:42:41 -0400 > Coleman Kane <cokane@FreeBSD.org> mentioned: >=20 > >=20 > > Is it potentially "unsafe" to use RDMSR? > > >=20 > Well, it might disclose some sensitive information, > as well as create covert channels. E.g. some of the > registers contains kernel thread pointers, etc; some > of them undocumented. It won't be very wise to give > access to the rdmsr feature to all users on a > multi-user machine. >=20 > Sorry for this taking so long. You messages spotted > a bug in my security model for this driver, so I've > redone that. Now, the access to the rdmsr and cpuid > features will be granted only if the caller has > read permissions on the device, and wrmsr/update > - only if he've opened the device for writing. > This way you can provide fine-grained control to > the driver features. >=20 > I've also added the cpucontrol utility which provided > userland accesss to the driver, and allows to apply > microcode updates. >=20 > The latest patch against HEAD is available here: > ftp://ftp.SpringDaemons.com/dustheap/cpuctl.4.diff >=20 > Thanks! --- a/sys/amd64/amd64/support.S +++ b/sys/amd64/amd64/support.S @@ -765,6 +765,7 @@ ENTRY(wrmsr_safe) */ ALIGN_TEXT msr_onfault: - movq $0,PCB_ONFAULT(%r8) - movl $EFAULT,%eax + movq PCPU(CURPCB),%r8 /* set fault handler */ + movq $0,PCB_ONFAULT(%r8) + movq $EFAULT,%rax ret movq $EFAULT,%rax is better to be replaced by movl, %eax. Amd64 specifies automatic zeroing of the upper-half of the registers on the 32bit operation. --wVZWOnidjbeavOSq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkiYPysACgkQC3+MBN1Mb4i+LgCfZtCdUbyfYJd/ZI8/UJZrxvmR ZhQAoJVeLMQUJix5tKFuA/zdw60D7B+Q =cuz5 -----END PGP SIGNATURE----- --wVZWOnidjbeavOSq--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080805115315.GE97161>