On 09/21/2012 01:08 PM, Ingo Molnar wrote:
>
> * Linus Torvalds <torva...@linux-foundation.org> wrote:
>
>> On Fri, Sep 21, 2012 at 12:43 PM, H. Peter Anvin <h...@linux.intel.com>
>> wrote:
>>
>>> Supervisor Mode Access Prevention (SMAP) is a new security
>>> feature disclosed by Intel in revision 014 of the IntelĀ®
>>> Architecture Instruction Set Extensions Programming
>>> Reference:
>>
>> Looks good.
>>
>> Did this find any bugs, btw? We've had a few cases where we
>> forgot to use the proper user access function, and code just
>> happened to work because it all boils down to the same thing
>> and never got any page faults in practice anyway..
>
> The 4g:4g patch sweeped out most of the historic ones - so what
> we have are perhaps newer bugs (but those should be pretty rare,
> most new features are cross-arch).
>
A while ago I also did a mockup patch which switched %cr3 to
swapper_pg_dir while entering the kernel (basically where the CLAC
instructions go, plus the SYSCALL path; a restore was obviously needed,
too.) The performance was atrocious, but I didn't remember running into
any problems.
-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
