d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-nq/sys/amd64/include
History
Konstantin Belousov b4dfc9d7ad PTI: Trap if we returned to userspace with kernel (full) page table 
still active.

Map userspace portion of VA in the PTI kernel-mode page table as
non-executable. This way, if we ever miss reloading ucr3 into %cr3 on
the return to usermode, the process traps instead of executing in
potentially vulnerable setup.  Catch the condition of such trap and
verify user-mode %cr3, which is saved by page fault handler.

I peek this trick in some article about Linux implementation.

Reviewed by:	alc, markj (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	12 days
DIfferential revision:	https://reviews.freebsd.org/D13956
2018-01-19 22:10:29 +00:00
..
pc
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
xen
_align.h
_bus.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
_inttypes.h
_limits.h
_stdint.h
_types.h
acpica_machdep.h
apm_bios.h
asm.h
Remove lint support from system headers and MD x86 headers.
2017-11-23 11:40:16 +00:00
asmacros.h
PTI: Trap if we returned to userspace with kernel (full) page table
2018-01-19 22:10:29 +00:00
atomic.h
Add atomic_load(9) and atomic_store(9) operations.
2017-12-19 09:59:20 +00:00
bus_dma.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
bus.h
clock.h
counter.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
cpu.h
Move the kernphys declaration to machine/md_var.h.
2018-01-18 15:15:35 +00:00
cpufunc.h
Add STAC and CLAC instructions wrappers.
2018-01-14 12:39:50 +00:00
cputypes.h
Remove 'cpu' and 'cpu_class' on amd64.
2016-09-15 17:05:54 +00:00
db_machdep.h
Fix printing of negative offsets (typically from frame pointers) again.
2017-03-26 18:46:35 +00:00
dump.h
efi.h
Hide kernel stuff from userspace.
2017-10-02 08:37:43 +00:00
elf.h
endian.h
exec.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
fdt.h
float.h
floatingpoint.h
spdx: initial adoption of licensing ID tags.
2017-11-18 14:26:50 +00:00
fpu.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
frame.h
PTI for amd64.
2018-01-17 11:44:21 +00:00
gdb_machdep.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
ieeefp.h
spdx: initial adoption of licensing ID tags.
2017-11-18 14:26:50 +00:00
in_cksum.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
intr_machdep.h
Use a dedicated per-CPU stack for machine check exceptions.
2018-01-18 23:50:21 +00:00
iodev.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
kdb.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
limits.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
md_var.h
Move the kernphys declaration to machine/md_var.h.
2018-01-18 15:15:35 +00:00
memdev.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
metadata.h
minidump.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
mp_watchdog.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
nexusvar.h
npx.h
ofw_machdep.h
param.h
spdx: initial adoption of licensing ID tags.
2017-11-18 14:26:50 +00:00
pcb.h
PTI: Trap if we returned to userspace with kernel (full) page table
2018-01-19 22:10:29 +00:00
pci_cfgreg.h
pcpu.h
PTI: Trap if we returned to userspace with kernel (full) page table
2018-01-19 22:10:29 +00:00
pmap.h
PTI for amd64.
2018-01-17 11:44:21 +00:00
pmc_mdep.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
ppireg.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
proc.h
Amd64 user_ldt_deref() is not used outside sys_machdep.c. Mark it as
2018-01-17 11:21:03 +00:00
profile.h
Remove lint support from system headers and MD x86 headers.
2017-11-23 11:40:16 +00:00
psl.h
ptrace.h
pvclock.h
reg.h
reloc.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
resource.h
runq.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
segments.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
setjmp.h
sf_buf.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
sgx.h
Add support for Intel Software Guard Extensions (Intel SGX).
2017-08-16 10:38:06 +00:00
sgxreg.h
Add support for Intel Software Guard Extensions (Intel SGX).
2017-08-16 10:38:06 +00:00
sigframe.h
signal.h
smp.h
PTI for amd64.
2018-01-17 11:44:21 +00:00
specialreg.h
stack.h
stdarg.h
sysarch.h
timerreg.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
trap.h
tss.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
ucontext.h
varargs.h
spdx: initial adoption of licensing ID tags.
2017-11-18 14:26:50 +00:00
vdso.h
vm.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
vmm_dev.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
vmm_instruction_emul.h
sys/amd64: further adoption of SPDX licensing ID tags.
2017-11-27 15:03:07 +00:00
vmm.h
Save and restore guest debug registers.
2018-01-17 23:11:25 +00:00
vmparam.h
Remove SFBUF_OPTIONAL_DIRECT_MAP and such hacks, replacing them across the
2018-01-19 17:46:31 +00:00