d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Disable write protection around patching of XSAVE instruction in the

Browse Source 
context switch code.

Some BIOSes give control to the OS with CR0.WP already set, making the
kernel text read-only before cpu_startup().

Reported by:	Peter Lei <peter.lei@ieee.org>
Reviewed by:	jtl
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D14768
This commit is contained in:
Konstantin Belousov 2018-03-20 17:47:29 +00:00
parent 2337dc6430
commit 9cffc92c62
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/amd64/amd64/fpu.c
View File

@ -205,6 +205,7 @@ fpuinit_bsp1(void)
{
u_int cp[4];
uint64_t xsave_mask_user;
bool old_wp;
if ((cpu_feature2 & CPUID2_XSAVE) != 0) {
use_xsave = 1;
@ -233,8 +234,14 @@ fpuinit_bsp1(void)
* Patch the XSAVE instruction in the cpu_switch code
* to XSAVEOPT. We assume that XSAVE encoding used
* REX byte, and set the bit 4 of the r/m byte.
*
* It seems that some BIOSes give control to the OS
* with CR0.WP already set, making the kernel text
* read-only before cpu_startup().
*/
old_wp = disable_wp();
ctx_switch_xsave[3] |= 0x10;
restore_wp(old_wp);
}
}