cpuctl(formely devcpu) patch test request
kostikbel at gmail.com
Tue Aug 5 12:11:17 UTC 2008
On Tue, Aug 05, 2008 at 02:03:24PM +0400, Stanislav Sedov wrote:
> On Mon, 16 Jun 2008 14:42:41 -0400
> Coleman Kane <cokane at FreeBSD.org> mentioned:
> > Is it potentially "unsafe" to use RDMSR?
> Well, it might disclose some sensitive information,
> as well as create covert channels. E.g. some of the
> registers contains kernel thread pointers, etc; some
> of them undocumented. It won't be very wise to give
> access to the rdmsr feature to all users on a
> multi-user machine.
> Sorry for this taking so long. You messages spotted
> a bug in my security model for this driver, so I've
> redone that. Now, the access to the rdmsr and cpuid
> features will be granted only if the caller has
> read permissions on the device, and wrmsr/update
> - only if he've opened the device for writing.
> This way you can provide fine-grained control to
> the driver features.
> I've also added the cpucontrol utility which provided
> userland accesss to the driver, and allows to apply
> microcode updates.
> The latest patch against HEAD is available here:
@@ -765,6 +765,7 @@ ENTRY(wrmsr_safe)
- movq $0,PCB_ONFAULT(%r8)
- movl $EFAULT,%eax
+ movq PCPU(CURPCB),%r8 /* set fault handler */
+ movq $0,PCB_ONFAULT(%r8)
+ movq $EFAULT,%rax
movq $EFAULT,%rax is better to be replaced by movl, %eax. Amd64 specifies
automatic zeroing of the upper-half of the registers on the 32bit operation.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 195 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20080805/8d193a42/attachment.pgp
More information about the freebsd-current