freebsd-nq/sys/amd64/include
Konstantin Belousov b4dfc9d7ad PTI: Trap if we returned to userspace with kernel (full) page table
still active.

Map userspace portion of VA in the PTI kernel-mode page table as
non-executable. This way, if we ever miss reloading ucr3 into %cr3 on
the return to usermode, the process traps instead of executing in
potentially vulnerable setup.  Catch the condition of such trap and
verify user-mode %cr3, which is saved by page fault handler.

I peek this trick in some article about Linux implementation.

Reviewed by:	alc, markj (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	12 days
DIfferential revision:	https://reviews.freebsd.org/D13956
2018-01-19 22:10:29 +00:00
..
pc sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
xen x86/xen: Consolidate xen-os.h in a single place 2015-10-21 10:04:35 +00:00
_align.h
_bus.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
_inttypes.h
_limits.h
_stdint.h
_types.h
acpica_machdep.h
apm_bios.h
asm.h Remove lint support from system headers and MD x86 headers. 2017-11-23 11:40:16 +00:00
asmacros.h PTI: Trap if we returned to userspace with kernel (full) page table 2018-01-19 22:10:29 +00:00
atomic.h Add atomic_load(9) and atomic_store(9) operations. 2017-12-19 09:59:20 +00:00
bus_dma.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
bus.h
clock.h
counter.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
cpu.h Move the kernphys declaration to machine/md_var.h. 2018-01-18 15:15:35 +00:00
cpufunc.h Add STAC and CLAC instructions wrappers. 2018-01-14 12:39:50 +00:00
cputypes.h Remove 'cpu' and 'cpu_class' on amd64. 2016-09-15 17:05:54 +00:00
db_machdep.h Fix printing of negative offsets (typically from frame pointers) again. 2017-03-26 18:46:35 +00:00
dump.h
efi.h Hide kernel stuff from userspace. 2017-10-02 08:37:43 +00:00
elf.h
endian.h
exec.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
fdt.h
float.h
floatingpoint.h spdx: initial adoption of licensing ID tags. 2017-11-18 14:26:50 +00:00
fpu.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
frame.h PTI for amd64. 2018-01-17 11:44:21 +00:00
gdb_machdep.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
ieeefp.h spdx: initial adoption of licensing ID tags. 2017-11-18 14:26:50 +00:00
in_cksum.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
intr_machdep.h Use a dedicated per-CPU stack for machine check exceptions. 2018-01-18 23:50:21 +00:00
iodev.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
kdb.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
limits.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
md_var.h Move the kernphys declaration to machine/md_var.h. 2018-01-18 15:15:35 +00:00
memdev.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
metadata.h Move amd64 metadata.h to x86 and share with i386 2016-01-07 19:47:26 +00:00
minidump.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
mp_watchdog.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
nexusvar.h
npx.h
ofw_machdep.h
param.h spdx: initial adoption of licensing ID tags. 2017-11-18 14:26:50 +00:00
pcb.h PTI: Trap if we returned to userspace with kernel (full) page table 2018-01-19 22:10:29 +00:00
pci_cfgreg.h
pcpu.h PTI: Trap if we returned to userspace with kernel (full) page table 2018-01-19 22:10:29 +00:00
pmap.h PTI for amd64. 2018-01-17 11:44:21 +00:00
pmc_mdep.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
ppireg.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
proc.h Amd64 user_ldt_deref() is not used outside sys_machdep.c. Mark it as 2018-01-17 11:21:03 +00:00
profile.h Remove lint support from system headers and MD x86 headers. 2017-11-23 11:40:16 +00:00
psl.h
ptrace.h
pvclock.h
reg.h
reloc.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
resource.h
runq.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
segments.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
setjmp.h
sf_buf.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
sgx.h Add support for Intel Software Guard Extensions (Intel SGX). 2017-08-16 10:38:06 +00:00
sgxreg.h Add support for Intel Software Guard Extensions (Intel SGX). 2017-08-16 10:38:06 +00:00
sigframe.h
signal.h
smp.h PTI for amd64. 2018-01-17 11:44:21 +00:00
specialreg.h
stack.h
stdarg.h
sysarch.h
timerreg.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
trap.h
tss.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ucontext.h
varargs.h spdx: initial adoption of licensing ID tags. 2017-11-18 14:26:50 +00:00
vdso.h
vm.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
vmm_dev.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
vmm_instruction_emul.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
vmm.h Save and restore guest debug registers. 2018-01-17 23:11:25 +00:00
vmparam.h Remove SFBUF_OPTIONAL_DIRECT_MAP and such hacks, replacing them across the 2018-01-19 17:46:31 +00:00