artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 16cf93e) | patch
On cpu with the PKU feature, prot=PROT_EXEC pages now create pte which
authorderaadt <deraadt@openbsd.org>
Fri, 20 Jan 2023 16:01:04 +0000 (16:01 +0000)
committerderaadt <deraadt@openbsd.org>
Fri, 20 Jan 2023 16:01:04 +0000 (16:01 +0000)
commite9e0c464329db9b56e1f2db65b0f536e53aa7e5f
tree0eca375e39abdfb78d8404dde4fd04be77c980fetree | snapshot
parent16cf93ef1649736fb0e54c7343903d8bb78fabd3commit | diff
On cpu with the PKU feature, prot=PROT_EXEC pages now create pte which
contain PG_XO, which is PKU key1.  On every exit from kernel to userland,
force the PKU register to inhibit data read against key1 memory.  On
(some) traps into the kernel if the PKU register is changed, abort the
process (processes have no reason to change the PKU register).  This
provides us with viable xonly functionality on most modern intel & AMD
cpus.  I started with a xsave-based diff from dv@, but discovered the
fpu save/restore logic wasn't a good fit and went to direct register management.
Disabled on HV (vm) systems until we know they handle PKU correctly.
ok kettenis, dv, guenther, etc
sys/arch/amd64/amd64/cpu.c diff | blob | history
sys/arch/amd64/amd64/locore.S diff | blob | history
sys/arch/amd64/amd64/pmap.c diff | blob | history
sys/arch/amd64/amd64/trap.c diff | blob | history
sys/arch/amd64/amd64/vector.S diff | blob | history
sys/arch/amd64/include/cpufunc.h diff | blob | history
sys/arch/amd64/include/pte.h diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim