On Tue, Dec 05, 2017 at 11:32:53AM +0100, Martin Pieuchot wrote:
> On 04/12/17(Mon) 12:24, Martin Pieuchot wrote:
> > Since SMAP is enabled, ddb(4)'s 'trace /u' and 'trace /p' for userland
> > processes result, as expected, in page faults.
> >
> > Diff below disables SMAP for the duration of the command.  This allows us
> > to see any possible frame corruption.
>
> Updated version that:
>
> - Removes the goto by shuffling parameter tests
> - Initializes cr4save to limit the effect of this gadget.
> - Skips lcr4() completely if the CPU doesn't support SMAP.
On i386, it might be necessary to make the rcr4() conditional on a CPU
feature flag as well, because older x86 processors do not have the CR4
register at all.  The condition curcpu()->ci_feature_sefflags_ebx &
SEFF0EBX_SMAP might be good enough in this case.

With that issue fixed, OK visa@
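The save/lift/restore pattern visa@ asks for, with both the rcr4() read and the lcr4() writes gated on the SMAP feature bit, as an added user-space illustration that is not the OpenBSD diff under review.  The CR4 register, the feature word and the rcr4()/lcr4() accessors are simulated with globals so it runs outside the kernel; the bit values given for SEFF0EBX_SMAP and CR4_SMAP are assumed stand-ins for the definitions in the kernel headers, and trace_with_smap_off(), probe_cmd() and the scenario helpers are hypothetical names.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed stand-ins for <machine/specialreg.h> values; not the kernel source. */
#define SEFF0EBX_SMAP	0x00100000u	/* CPUID leaf 7 EBX: SMAP supported */
#define CR4_SMAP	0x00200000u	/* CR4: Supervisor Mode Access Prevention */

/* Simulated CR4 register, CPU feature word and write counter. */
static uint32_t sim_cr4;
static uint32_t sim_seff_ebx;
static unsigned sim_lcr4_writes;

/* Stand-ins for the kernel's rcr4()/lcr4() inline-asm accessors. */
static uint32_t rcr4(void) { return sim_cr4; }
static void lcr4(uint32_t v) { sim_cr4 = v; sim_lcr4_writes++; }

/*
 * Run a ddb command with SMAP lifted only for its duration.  Every CR4
 * access, the read included, is skipped on CPUs that do not advertise
 * SMAP: on the oldest i386 parts CR4 does not exist, so an unconditional
 * rcr4() would fault.  cr4save is initialized so the restore path never
 * depends on an uninitialized value.
 */
static void
trace_with_smap_off(void (*cmd)(void *), void *arg)
{
	uint32_t cr4save = 0;
	bool has_smap = (sim_seff_ebx & SEFF0EBX_SMAP) != 0;

	if (has_smap) {
		cr4save = rcr4();
		lcr4(cr4save & ~CR4_SMAP);	/* userland pages readable now */
	}
	cmd(arg);				/* the actual 'trace /u' work */
	if (has_smap)
		lcr4(cr4save);			/* re-arm SMAP before returning */
}

/* Command that records the CR4 value it observed while running. */
static void
probe_cmd(void *arg)
{
	*(uint32_t *)arg = rcr4();
}

/* Scenario helpers: reset the simulated CPU and report one observable. */
uint32_t
cr4_during_trace(uint32_t features, uint32_t cr4_initial)
{
	uint32_t seen = 0;
	sim_seff_ebx = features; sim_cr4 = cr4_initial; sim_lcr4_writes = 0;
	trace_with_smap_off(probe_cmd, &seen);
	return seen;
}

uint32_t
cr4_after_trace(uint32_t features, uint32_t cr4_initial)
{
	uint32_t seen = 0;
	sim_seff_ebx = features; sim_cr4 = cr4_initial; sim_lcr4_writes = 0;
	trace_with_smap_off(probe_cmd, &seen);
	return sim_cr4;
}

unsigned
lcr4_writes_during_trace(uint32_t features, uint32_t cr4_initial)
{
	uint32_t seen = 0;
	sim_seff_ebx = features; sim_cr4 = cr4_initial; sim_lcr4_writes = 0;
	trace_with_smap_off(probe_cmd, &seen);
	return sim_lcr4_writes;
}

int
main(void)
{
	uint32_t cr4 = CR4_SMAP | 0x10u;	/* constructed: SMAP plus PSE set */

	printf("SMAP CPU:    during=%#x after=%#x writes=%u\n",
	    cr4_during_trace(SEFF0EBX_SMAP, cr4),
	    cr4_after_trace(SEFF0EBX_SMAP, cr4),
	    lcr4_writes_during_trace(SEFF0EBX_SMAP, cr4));
	printf("no-SMAP CPU: during=%#x after=%#x writes=%u\n",
	    cr4_during_trace(0, 0x10u), cr4_after_trace(0, 0x10u),
	    lcr4_writes_during_trace(0, 0x10u));
	return 0;
}
```

The two scenarios show the property a reviewer wants to see: on a SMAP-capable CPU the SMAP bit is clear only while the command runs and is back afterwards, and on a CPU without the feature bit CR4 is never read or written.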
