[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v1 0/6] x86: Enable Supervisor Mode Execution Prevention (SMAP)
Please ignore this one, the title is incorrect, I will send out the correct one soon! > -----Original Message----- > From: Wu, Feng > Sent: Tuesday, April 15, 2014 8:58 PM > To: JBeulich@xxxxxxxx; Ian.Campbell@xxxxxxxxxx; xen-devel@xxxxxxxxxxxxx > Cc: Nakajima, Jun; Dong, Eddie; Wu, Feng > Subject: [PATCH v1 0/6] x86: Enable Supervisor Mode Execution Prevention > (SMAP) > > Supervisor Mode Access Prevention (SMAP) is a new security > feature disclosed by Intel, please refer to the following > document: > > http://software.intel.com/sites/default/files/319433-014.pdf > > Every access to a linear address is either a supervisor-mode > access or a user-mode access. All accesses performed while the > current privilege level (CPL) is less than 3 are supervisor-mode > accesses. If CPL = 3, accesses are generally user-mode accesses. > However, some operations implicitly access system data structures, > and the resulting accesses to those data structures are supervisor-mode > accesses regardless of CPL. Examples of such implicit supervisor > accesses include the following: accesses to the global descriptor > table (GDT) or local descriptor table (LDT) to load a segment descriptor; > accesses to the interrupt descriptor table (IDT) when delivering an > interrupt or exception; and accesses to the task-state segment (TSS) as > part of a task switch or change of CPL. > > If CR4.SMAP = 1, supervisor-mode data accesses are not allowed > to linear addresses that are accessible in user mode. If CPL < 3, > SMAP protections are disabled if EFLAGS.AC = 1. If CPL = 3, SMAP > applies to all supervisor-mode data accesses (these are implicit > supervisor accesses) regardless of the value of EFLAGS.AC. > > Version 1: > * Add two macros for STAC/CLAC instructions > * Temporary disable SMAP to legally access user pages in kernel mode > * Enable Supervisor Mode Execution Prevention (SMAP) for Xen itself > * Add SMAP support to HVM guest > * Disable SMAP feature when guest is in non-paging mode > > Since Linux kernel has already supported SMAP, I tested this patch both > in EPT and shadow mode with Linux guest, they work well. And I also > tested the failure case, in which, I triggered an SMAP violation in > the guest kernel and Linux successfully received the related page > fault. > > Feng Wu (6): > x86: Add support for STAC/CLAC instructions > x86: Temporary disable SMAP to legally access user pages in kernel > mode > x86: Enable Supervisor Mode Execution Prevention (SMAP) for Xen > x86/hvm: Add SMAP support to HVM guest > VMX: Disable SMAP feature when guest is in non-paging mode > x86/tools: Expose SMAP to HVM guests > > tools/libxc/xc_cpufeature.h | 1 + > tools/libxc/xc_cpuid_x86.c | 1 + > xen/arch/x86/clear_page.S | 3 ++ > xen/arch/x86/domain_build.c | 16 ++++++++ > xen/arch/x86/hvm/hvm.c | 3 ++ > xen/arch/x86/hvm/vmx/vmx.c | 6 +-- > xen/arch/x86/mm/guest_walk.c | 27 +++++++++++-- > xen/arch/x86/setup.c | 9 +++++ > xen/arch/x86/traps.c | 34 +++++++++++++---- > xen/arch/x86/usercopy.c | 6 +++ > xen/arch/x86/x86_64/asm-offsets.c | 1 + > xen/arch/x86/x86_64/compat/entry.S | 2 + > xen/arch/x86/x86_64/entry.S | 4 ++ > xen/include/asm-x86/cpufeature.h | 1 + > xen/include/asm-x86/domain.h | 6 ++- > xen/include/asm-x86/hvm/hvm.h | 13 +++++++ > xen/include/asm-x86/uaccess.h | 4 ++ > xen/include/asm-x86/x86_64/asm_defns.h | 70 > ++++++++++++++++++++++++++++++++++ > xen/include/asm-x86/x86_64/system.h | 2 + > 19 files changed, 192 insertions(+), 17 deletions(-) > > -- > 1.8.3.1 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |