freebsd-nq/sys/amd64
Konstantin Belousov b4dfc9d7ad PTI: Trap if we returned to userspace with kernel (full) page table
still active.

Map userspace portion of VA in the PTI kernel-mode page table as
non-executable. This way, if we ever miss reloading ucr3 into %cr3 on
the return to usermode, the process traps instead of executing in
a potentially vulnerable setup.  Catch the condition of such a trap and
verify user-mode %cr3, which is saved by the page fault handler.

I peeked at this trick in some article about the Linux implementation.

Reviewed by:	alc, markj (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	12 days
Differential revision:	https://reviews.freebsd.org/D13956
2018-01-19 22:10:29 +00:00
..
acpica sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
amd64 PTI: Trap if we returned to userspace with kernel (full) page table 2018-01-19 22:10:29 +00:00
cloudabi32 Use TO_PTR() to convert integers to pointers. 2017-11-26 14:45:56 +00:00
cloudabi64 Use TO_PTR() to convert integers to pointers. 2017-11-26 14:45:56 +00:00
conf Move VM_NUMA_ALLOC and DEVICE_NUMA under the single global config option NUMA. 2018-01-14 03:36:03 +00:00
ia32 PTI for amd64. 2018-01-17 11:44:21 +00:00
include PTI: Trap if we returned to userspace with kernel (full) page table 2018-01-19 22:10:29 +00:00
linux Disable vim syntax highlighting. 2017-11-28 18:23:17 +00:00
linux32 Disable vim syntax highlighting. 2017-11-28 18:23:17 +00:00
pci sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
sgx Fix module unload when SGX support is not present in CPU. 2017-08-18 14:47:06 +00:00
vmm Save and restore guest debug registers. 2018-01-17 23:11:25 +00:00
Makefile