From owner-freebsd-current@FreeBSD.ORG Tue Aug 5 12:21:06 2008 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EE236106567E; Tue, 5 Aug 2008 12:21:06 +0000 (UTC) (envelope-from stas@ht-systems.ru) Received: from smtp.ht-systems.ru (mr0.ht-systems.ru [78.110.50.55]) by mx1.freebsd.org (Postfix) with ESMTP id A4E0C8FC2C; Tue, 5 Aug 2008 12:21:00 +0000 (UTC) (envelope-from stas@ht-systems.ru) Received: from [83.166.229.34] (helo=sputnik.SpringDaemons.com) by smtp.ht-systems.ru with esmtpa (Exim 4.62) (envelope-from ) id 1KQLX4-0008G7-1P; Tue, 05 Aug 2008 16:20:54 +0400 Received: by sputnik.SpringDaemons.com (Postfix, from userid 1024) id 04CCD942102; Tue, 5 Aug 2008 16:15:25 +0400 (MSD) Date: Tue, 5 Aug 2008 16:15:20 +0400 From: Stanislav Sedov To: Kostik Belousov Message-Id: <20080805161520.90001117.stas@FreeBSD.org> In-Reply-To: <20080805115315.GE97161@deviant.kiev.zoral.com.ua> References: <10261.1212703949@critter.freebsd.dk> <20080606025533.8322ee08.stas@FreeBSD.org> <1212758604.1904.33.camel@localhost> <20080615230250.7f3efae4.stas@FreeBSD.org> <1213557999.1816.15.camel@localhost> <20080616204433.48ad9879.stas@FreeBSD.org> <20080616222740.5cdd9490.stas@FreeBSD.org> <1213641761.2184.0.camel@localhost> <20080805140324.9f53ba9b.stas@FreeBSD.org> <20080805115315.GE97161@deviant.kiev.zoral.com.ua> Organization: The FreeBSD Project X-XMPP: ssedov@jabber.ru X-Voice: +7 916 849 20 23 X-PGP-Fingerprin: F21E D6CC 5626 9609 6CE2 A385 2BF5 5993 EB26 9581 X-Mailer: carrier-pigeon Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="PGP-SHA1"; boundary="Signature=_Tue__5_Aug_2008_16_15_20_+0400_jZV9k1g+v=MJpoQS" Cc: Rui Paulo , current@freebsd.org, Peter Jeremy , Stanislav Sedov , Poul-Henning Kamp , Coleman Kane Subject: Re: cpuctl(formely devcpu) patch test request X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Aug 2008 12:21:07 -0000 --Signature=_Tue__5_Aug_2008_16_15_20_+0400_jZV9k1g+v=MJpoQS Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, 5 Aug 2008 14:53:15 +0300 Kostik Belousov mentioned: > On Tue, Aug 05, 2008 at 02:03:24PM +0400, Stanislav Sedov wrote: > > On Mon, 16 Jun 2008 14:42:41 -0400 > > Coleman Kane mentioned: > >=20 > > >=20 > > > Is it potentially "unsafe" to use RDMSR? > > > > >=20 > > Well, it might disclose some sensitive information, > > as well as create covert channels. E.g. some of the > > registers contains kernel thread pointers, etc; some > > of them undocumented. It won't be very wise to give > > access to the rdmsr feature to all users on a > > multi-user machine. > >=20 > > Sorry for this taking so long. You messages spotted > > a bug in my security model for this driver, so I've > > redone that. Now, the access to the rdmsr and cpuid > > features will be granted only if the caller has > > read permissions on the device, and wrmsr/update > > - only if he've opened the device for writing. > > This way you can provide fine-grained control to > > the driver features. > >=20 > > I've also added the cpucontrol utility which provided > > userland accesss to the driver, and allows to apply > > microcode updates. > >=20 > > The latest patch against HEAD is available here: > > ftp://ftp.SpringDaemons.com/dustheap/cpuctl.4.diff > >=20 > > Thanks! >=20 > --- a/sys/amd64/amd64/support.S > +++ b/sys/amd64/amd64/support.S > @@ -765,6 +765,7 @@ ENTRY(wrmsr_safe) > */ > ALIGN_TEXT > msr_onfault: > - movq $0,PCB_ONFAULT(%r8) > - movl $EFAULT,%eax > + movq PCPU(CURPCB),%r8 /* set fault handler */ > + movq $0,PCB_ONFAULT(%r8) > + movq $EFAULT,%rax > ret >=20 > movq $EFAULT,%rax is better to be replaced by movl, %eax. Amd64 specifies > automatic zeroing of the upper-half of the registers on the 32bit operati= on. >=20 Yeah, it seems that I thought about this initially, but decided that this was unsafe lately. Thanks for suggestion! There's a fixed version: ftp://ftp.SpringDaemons.com/dustheap/cpuctl.5.diff --=20 Stanislav Sedov ST4096-RIPE --Signature=_Tue__5_Aug_2008_16_15_20_+0400_jZV9k1g+v=MJpoQS Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkiYRF0ACgkQK/VZk+smlYF7kwCdF/AwMolDqHnkV50Z0e3SS1yh fl8An31xxlMTsa29pIHdMzoTdeE7SPmM =5tYo -----END PGP SIGNATURE----- --Signature=_Tue__5_Aug_2008_16_15_20_+0400_jZV9k1g+v=MJpoQS--