From owner-freebsd-hackers@FreeBSD.ORG Wed May 18 12:31:18 2011 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E4A761065781 for ; Wed, 18 May 2011 12:31:18 +0000 (UTC) (envelope-from oliver.pntr@gmail.com) Received: from mail-ww0-f68.google.com (mail-ww0-f68.google.com [74.125.82.68]) by mx1.freebsd.org (Postfix) with ESMTP id 77A3D8FC14 for ; Wed, 18 May 2011 12:31:17 +0000 (UTC) Received: by wwb17 with SMTP id 17so194366wwb.7 for ; Wed, 18 May 2011 05:31:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=I8LM58au+HGgVd7zLWITgEoBI/3rr2+HfnbTp6pUmAo=; b=n+sNtl2bIkovdm1XZ1JYPV/sEXD+Rt6TiIb5c0UMi1rZRzdKOW37/hgvZsGjWKOPo7 /G36ZIDV0j70/DeJonGn8exthelnSqApLRrCSeVa/AWWmsGyNj27zHZPcAKVVdXfuux4 y9py/5GuRgNiCtPv7Fc7vqL5eNnasyQTswAgA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=Ee6sRK+CerhinaQQ3ZGYXq+Sv5evqo98cxpuXDtMXgMaebVq2NL54vYavLR3CQu2H8 kKNRc/KosFIq0XVrA/Lzt2zcp+CB03OAq3nzCSpW7VeWdmQXQ6goGKxc3+W5KpG89Ezy pm2YaQqu39+mNhPzY5VynNc4DjNo4NaTEwQVs= MIME-Version: 1.0 Received: by 10.227.55.20 with SMTP id s20mr1853370wbg.15.1305721875761; Wed, 18 May 2011 05:31:15 -0700 (PDT) Received: by 10.227.209.209 with HTTP; Wed, 18 May 2011 05:31:15 -0700 (PDT) In-Reply-To: <20110518010353.GQ48734@deviant.kiev.zoral.com.ua> References: <1305581685-5144-1-git-send-email-fenghua.yu@intel.com> <1305581685-5144-4-git-send-email-fenghua.yu@intel.com> <20110518010353.GQ48734@deviant.kiev.zoral.com.ua> Date: Wed, 18 May 2011 14:31:15 +0200 Message-ID: From: Oliver Pinter To: Kostik Belousov Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org Subject: Re: Fwd: [PATCH v2 3/4] x86, head_32/64.S: Enable SMEP X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 May 2011 12:31:19 -0000 On 5/18/11, Kostik Belousov wrote: > On Wed, May 18, 2011 at 02:03:07AM +0200, Oliver Pinter wrote: >> ---------- Forwarded message ---------- >> From: Fenghua Yu >> Date: Mon, 16 May 2011 14:34:44 -0700 >> Subject: [PATCH v2 3/4] x86, head_32/64.S: Enable SMEP >> To: Ingo Molnar , Thomas Gleixner , >> H Peter Anvin , Asit K Mallick >> , Linus Torvalds >> , Avi Kivity , Arjan >> van de Ven , Andrew Morton >> , Andi Kleen >> Cc: linux-kernel , Fenghua Yu >> >> >> From: Fenghua Yu >> >> Enable newly documented SMEP (Supervisor Mode Execution Protection) CPU >> feature in kernel. >> >> SMEP prevents the CPU in kernel-mode to jump to an executable page that >> does >> not have the kernel/system flag set in the pte. This prevents the kernel >> from executing user-space code accidentally or maliciously, so it for >> example >> prevents kernel exploits from jumping to specially prepared user-mode >> shell >> code. The violation will cause page fault #PF and will have error code >> identical to XD violation. >> >> CR4.SMEP (bit 20) is 0 at power-on. If the feature is supported by CPU >> (X86_FEATURE_SMEP), enable SMEP by setting CR4.SMEP. New kernel >> option nosmep disables the feature even if the feature is supported by >> CPU. >> >> Signed-off-by: Fenghua Yu > > So, where is the mentioned documentation for SMEP ? Rev. 38 of the > Intel(R) 64 and IA-32 Architectures Software Developer's Manual does > not contain the description, at least at the places where I looked and > expected to find it. http://www.intel.com/Assets/PDF/manual/325384.pdf Intel=AE 64 and IA-32 Architectures Software Developer=92s Manual Volume 3 (3A & 3B): System Programming Guide > > Looking forward to hear from you. > >