socsvn commit: r272436 - in soc2014/op/freebsd-base/sys: amd64/amd64 conf kern x86/include

op at FreeBSD.org op at FreeBSD.org
Thu Aug 14 19:49:32 UTC 2014 

Author: op
Date: Thu Aug 14 19:49:28 2014
New Revision: 272436
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=272436

Log:
  KSP SMAP: added KSP_FRAMEWORK and INTEL_SMAP_SUPPORT knobs
  
  Signed-off-by: Oliver Pinter <oliver.pntr at gmail.com>
  
  git: https://github.com/opntr/opBSD/tree/op/gsoc2014/master

Modified:
  soc2014/op/freebsd-base/sys/amd64/amd64/initcpu.c
  soc2014/op/freebsd-base/sys/amd64/amd64/machdep.c
  soc2014/op/freebsd-base/sys/amd64/amd64/pmap.c
  soc2014/op/freebsd-base/sys/amd64/amd64/trap.c
  soc2014/op/freebsd-base/sys/conf/NOTES
  soc2014/op/freebsd-base/sys/conf/files.amd64
  soc2014/op/freebsd-base/sys/conf/options
  soc2014/op/freebsd-base/sys/conf/options.amd64
  soc2014/op/freebsd-base/sys/kern/kern_linker.c
  soc2014/op/freebsd-base/sys/x86/include/selfpatch-asmacros.h

Modified: soc2014/op/freebsd-base/sys/amd64/amd64/initcpu.c
==============================================================================
--- soc2014/op/freebsd-base/sys/amd64/amd64/initcpu.c	Thu Aug 14 19:49:05 2014	(r272435)
+++ soc2014/op/freebsd-base/sys/amd64/amd64/initcpu.c	Thu Aug 14 19:49:28 2014	(r272436)
@@ -176,8 +176,10 @@
 	 */
 	if (!IS_BSP() && (cpu_stdext_feature & CPUID_STDEXT_SMEP))
 		cr4 |= CR4_SMEP;
+#ifdef INTEL_SMAP_SUPPORT
 	if (!IS_BSP() && (cpu_stdext_feature & CPUID_STDEXT_SMAP))
 		cr4 |= CR4_SMAP;
+#endif
 	load_cr4(cr4);
 	if ((amd_feature & AMDID_NX) != 0) {
 		msr = rdmsr(MSR_EFER) | EFER_NXE;

Modified: soc2014/op/freebsd-base/sys/amd64/amd64/machdep.c
==============================================================================
--- soc2014/op/freebsd-base/sys/amd64/amd64/machdep.c	Thu Aug 14 19:49:05 2014	(r272435)
+++ soc2014/op/freebsd-base/sys/amd64/amd64/machdep.c	Thu Aug 14 19:49:28 2014	(r272436)
@@ -53,6 +53,7 @@
 #include "opt_perfmon.h"
 #include "opt_platform.h"
 #include "opt_sched.h"
+#include "opt_selfpatch.h"
 
 #include <sys/param.h>
 #include <sys/proc.h>
@@ -1999,8 +2000,10 @@
 	initializecpu();	/* Initialize CPU registers */
 	initializecpucache();
 
+#if defined(KSP_FRAMEWORK) || defined(INTEL_SMAP_SUPPORT)
 	/* selfmodify kernel text, when needed */
 	lf_selfpatch(linker_kernel_file, 0);
+#endif
 
 	/* doublefault stack space, runs on ist1 */
 	common_tss[0].tss_ist1 = (long)&dblfault_stack[sizeof(dblfault_stack)];

Modified: soc2014/op/freebsd-base/sys/amd64/amd64/pmap.c
==============================================================================
--- soc2014/op/freebsd-base/sys/amd64/amd64/pmap.c	Thu Aug 14 19:49:05 2014	(r272435)
+++ soc2014/op/freebsd-base/sys/amd64/amd64/pmap.c	Thu Aug 14 19:49:28 2014	(r272436)
@@ -100,6 +100,7 @@
  *	and to when physical maps must be made correct.
  */
 
+#include "opt_cpu.h"
 #include "opt_pmap.h"
 #include "opt_vm.h"
 
@@ -835,12 +836,14 @@
 	if (cpu_stdext_feature & CPUID_STDEXT_SMEP)
 		load_cr4(rcr4() | CR4_SMEP);
 
+#ifdef INTEL_SMAP_SUPPORT
 	if (cpu_stdext_feature & CPUID_STDEXT_SMAP) {
 		printf("Intel SMAP: enabled\n");
 		load_cr4(rcr4() | CR4_SMAP);
 	} else {
 		printf("Intel SMAP: not supported or disabled\n");
 	}
+#endif
 
 	/*
 	 * Initialize the kernel pmap (which is statically allocated).

Modified: soc2014/op/freebsd-base/sys/amd64/amd64/trap.c
==============================================================================
--- soc2014/op/freebsd-base/sys/amd64/amd64/trap.c	Thu Aug 14 19:49:05 2014	(r272435)
+++ soc2014/op/freebsd-base/sys/amd64/amd64/trap.c	Thu Aug 14 19:49:28 2014	(r272436)
@@ -698,6 +698,7 @@
 
 		map = &vm->vm_map;
 
+#ifdef INTEL_SMAP_SUPPORT
 		/*
 		 * If CPL < 3, SMAP protections are disabled if EFLAGS.AC = 1.
 		 * If CPL = 3, SMAP applies to all supervisor-mode data accesses
@@ -709,6 +710,7 @@
 			trap_fatal(frame, eva);
 			return(-1);
 		}
+#endif
 
 		/*
 		 * When accessing a usermode address, kernel must be
@@ -881,7 +883,7 @@
 		panic("unknown/reserved trap");
 }
 
-
+#ifdef INTEL_SMAP_SUPPORT
 /*
  * Supervisor Mode Access Prevention violation
  *
@@ -906,6 +908,7 @@
 	 */
 	return (true);
 }
+#endif
 
 /*
  * Double fault handler. Called when a fault occurs while writing

Modified: soc2014/op/freebsd-base/sys/conf/NOTES
==============================================================================
--- soc2014/op/freebsd-base/sys/conf/NOTES	Thu Aug 14 19:49:05 2014	(r272435)
+++ soc2014/op/freebsd-base/sys/conf/NOTES	Thu Aug 14 19:49:28 2014	(r272436)
@@ -2986,3 +2986,7 @@
 
 # Module to enable execution of application via emulators like QEMU
 options         IMAGACT_BINMISC
+
+# Kernel selfpatch framework
+options 	KSP_FRAMEWORK
+options 	KSP_DEBUG

Modified: soc2014/op/freebsd-base/sys/conf/files.amd64
==============================================================================
--- soc2014/op/freebsd-base/sys/conf/files.amd64	Thu Aug 14 19:49:05 2014	(r272435)
+++ soc2014/op/freebsd-base/sys/conf/files.amd64	Thu Aug 14 19:49:28 2014	(r272436)
@@ -439,7 +439,7 @@
 isa/syscons_isa.c		optional	sc
 isa/vga_isa.c			optional	vga
 kern/kern_clocksource.c		standard
-kern/kern_selfpatch.c		standard
+kern/kern_selfpatch.c		optional	ksp_framework | intel_smap_support
 kern/link_elf_obj.c		standard
 #
 # IA32 binary support
@@ -554,7 +554,7 @@
 x86/x86/nexus.c			standard
 x86/x86/tsc.c			standard
 x86/x86/delay.c			standard
-x86/x86/selfpatch_machdep.c	standard
+x86/x86/selfpatch_machdep.c	optional	ksp_framework | intel_smap_support
 x86/xen/hvm.c			optional	xenhvm
 x86/xen/xen_intr.c		optional	xen | xenhvm
 x86/xen/pv.c			optional	xenhvm

Modified: soc2014/op/freebsd-base/sys/conf/options
==============================================================================
--- soc2014/op/freebsd-base/sys/conf/options	Thu Aug 14 19:49:05 2014	(r272435)
+++ soc2014/op/freebsd-base/sys/conf/options	Thu Aug 14 19:49:28 2014	(r272436)
@@ -927,4 +927,5 @@
 RANDOM_RWFILE	opt_random.h
 
 # kernel selfpatch
+KSP_FRAMEWORK	opt_selfpatch.h
 KSP_DEBUG	opt_selfpatch.h

Modified: soc2014/op/freebsd-base/sys/conf/options.amd64
==============================================================================
--- soc2014/op/freebsd-base/sys/conf/options.amd64	Thu Aug 14 19:49:05 2014	(r272435)
+++ soc2014/op/freebsd-base/sys/conf/options.amd64	Thu Aug 14 19:49:28 2014	(r272436)
@@ -65,3 +65,6 @@
 
 # options for the Intel C600 SAS driver (isci)
 ISCI_LOGGING	opt_isci.h
+
+# Intel Supervisor Mode Access Prevention
+INTEL_SMAP_SUPPORT	opt_cpu.h

Modified: soc2014/op/freebsd-base/sys/kern/kern_linker.c
==============================================================================
--- soc2014/op/freebsd-base/sys/kern/kern_linker.c	Thu Aug 14 19:49:05 2014	(r272435)
+++ soc2014/op/freebsd-base/sys/kern/kern_linker.c	Thu Aug 14 19:49:28 2014	(r272436)
@@ -27,9 +27,11 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
+#include "opt_cpu.h"
 #include "opt_ddb.h"
 #include "opt_kld.h"
 #include "opt_hwpmc_hooks.h"
+#include "opt_selfpatch.h"
 
 #include <sys/param.h>
 #include <sys/kernel.h>
@@ -421,11 +423,13 @@
 				return (error);
 			}
 			modules = !TAILQ_EMPTY(&lf->modules);
+#if defined(KSP_FRAMEWORK) || defined (INTEL_SMAP_SUPPORT)
 			error = lf_selfpatch(lf, KSP_MODULE);
 			if (error != 0) {
 				linker_file_unload(lf, LINKER_UNLOAD_FORCE);
 				return (error);
 			}
+#endif
 			linker_file_register_sysctls(lf);
 			linker_file_sysinit(lf);
 			lf->flags |= LINKER_FILE_LINKED;
@@ -1614,13 +1618,14 @@
 			goto fail;
 		}
 		linker_file_register_modules(lf);
-		/* XXXOP */
+#if defined(KSP_FRAMEWORK) || defined(INTEL_SMAP_SUPPORT)
 		error = lf_selfpatch(lf, KSP_MODULE);
 		if (error != 0) {
 			printf("KLD file %s - could not selfpatching\n",
 			    lf->filename);
 			goto fail;
 		}
+#endif
 		if (linker_file_lookup_set(lf, "sysinit_set", &si_start,
 		    &si_stop, NULL) == 0)
 			sysinit_add(si_start, si_stop);

Modified: soc2014/op/freebsd-base/sys/x86/include/selfpatch-asmacros.h
==============================================================================
--- soc2014/op/freebsd-base/sys/x86/include/selfpatch-asmacros.h	Thu Aug 14 19:49:05 2014	(r272435)
+++ soc2014/op/freebsd-base/sys/x86/include/selfpatch-asmacros.h	Thu Aug 14 19:49:28 2014	(r272436)
@@ -30,6 +30,8 @@
 #ifndef	__X86_SELFPATCH_ASMACROS_H__
 #define	__X86_SELFPATCH_ASMACROS_H__
 
+#include "opt_cpu.h"
+
 #define KSP_CPUID		1
 #define KSP_CPUID2		2
 #define KSP_AMDID		3
@@ -130,10 +132,15 @@
 			.quad	0 ; 					\
 		.popsection ;
 
+#ifdef INTEL_SMAP_SUPPORT
 #ifndef	_clac
 #define _clac	KSP_INSTR_NOP3_CLAC
 #endif
-
+#else
+#ifndef _clac
+#define _clac
+#endif
+#endif
 
 #define KSP_INSTR_NOP3_STAC						\
 	0723: 								\
@@ -154,8 +161,14 @@
 			.quad	0 ; 					\
 		.popsection ;
 
+#ifdef INTEL_SMAP_SUPPORT
 #ifndef _stac
 #define _stac	KSP_INSTR_NOP3_STAC
 #endif
+#else
+#ifndef _stac
+#define _stac
+#endif
+#endif
 
 #endif /* __X86_SELFPATCH_ASMACROS_H__ */

More information about the svn-soc-all mailing list