[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v1 3/6] x86: Enable Supervisor Mode Access Prevention (SMAP) for Xen



>>> On 15.04.14 at 15:40, <feng.wu@xxxxxxxxx> wrote:
> @@ -61,6 +61,10 @@ integer_param("maxcpus", max_cpus);
>  static bool_t __initdata disable_smep;
>  invbool_param("smep", disable_smep);
>  
> +/* smap: Enable/disable Supervisor Mode Access Prevention (default on). */
> +static bool_t __initdata disable_smap;
> +invbool_param("smap", disable_smap);

This wants an entry in docs/misc/xen-command-line.markdown.

> @@ -1270,11 +1272,26 @@ leaf:
>           ((error_code & (PFEC_insn_fetch|PFEC_user_mode)) == 
> PFEC_insn_fetch) )
>          return smep_fault;
>  
> +    /*
> +     * Supervisor Mode Access Prevention (SMAP):
> +     * Disallow supervisor access user-accessible mappings
> +     * A fault is considered as an SMAP violation if the following
> +     * conditions are ture:
> +     *   - X86_CR4_SMAP is set in CR4
> +     *   - An user page is accessed
> +     *   - CPL=3 or X86_EFLAGS_AC is clear
> +     *   - Page fault in kernel mode
> +     */
> +    if ( (read_cr4() & X86_CR4_SMAP) && page_user &&
> +         !(((regs->cs & 0x03) < 3) && (regs->eflags & X86_EFLAGS_AC)) &&
> +         !(error_code & PFEC_user_mode) )
> +        return smap_fault;

Please combine this conditional with the SMEP one (check page_user
only first and read CR4 just once).

> @@ -1379,8 +1396,8 @@ void do_page_fault(struct cpu_user_regs *regs)
>  
>      if ( unlikely(!guest_mode(regs)) )
>      {
> -        pf_type = spurious_page_fault(addr, error_code);
> -        BUG_ON(pf_type == smep_fault);
> +        pf_type = spurious_page_fault(addr, regs);
> +        BUG_ON((pf_type == smep_fault) || (pf_type == smap_fault));

Please make these two separate BUG_ON()s, so one has a slightly
better chance to telling them apart without having to disassemble
the code and check pf_type in register/memory.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.