From: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
To: Ingo Molnar <mingo@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
Borislav Petkov <bp@suse.de>, Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
linux-msdos@vger.kernel.org, wine-devel@winehq.org,
Ricardo Neri <ricardo.neri-calderon@linux.intel.com>,
Andrew Morton <akpm@linux-foundation.org>,
"H . Peter Anvin" <hpa@zytor.com>,
Brian Gerst <brgerst@gmail.com>, Chen Yucong <slaoub@gmail.com>,
Chris Metcalf <cmetcalf@mellanox.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Fenghua Yu <fenghua.yu@intel.com>, Huang Rui <ray.huang@amd.com>,
Jiri Slaby <jslaby@suse.cz>, Jonathan Corbet <corbet@lwn.net>,
"Michael S . Tsirkin" <mst@redhat.com>,
Paul Gortmaker <paul.gortmaker@windriver.com>,
"Ravi V . Shankar" <ravi.v.shankar@intel.com>,
Shuah Khan <shuah@kernel.org>, Vlastimil Babka <vbabka@suse.cz>,
Tony Luck <tony.luck@intel.com>, Paolo Bonzini <pbo>
Subject: [v2 7/7] x86: Enable User-Mode Instruction Prevention
Date: Fri, 23 Dec 2016 17:37:45 -0800 [thread overview]
Message-ID: <20161224013745.108716-8-ricardo.neri-calderon@linux.intel.com> (raw)
In-Reply-To: <20161224013745.108716-1-ricardo.neri-calderon@linux.intel.com>
User_mode Instruction Prevention (UMIP) is enabled by setting/clearing a
bit in %cr4.
It makes sense to enable UMIP at some point while booting, before user
spaces come up. Like SMAP and SMEP, is not critical to have it enabled
very early during boot. This is because UMIP is relevant only when there is
a userspace to be protected from. Given the similarities in relevance, it
makes sense to enable UMIP along with SMAP and SMEP.
UMIP is enabled by default. It can be disabled by adding clearcpuid=514
to the kernel parameters.
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Chen Yucong <slaoub@gmail.com>
Cc: Chris Metcalf <cmetcalf@mellanox.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: Huang Rui <ray.huang@amd.com>
Cc: Jiri Slaby <jslaby@suse.cz>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Paul Gortmaker <paul.gortmaker@windriver.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ravi V. Shankar <ravi.v.shankar@intel.com>
Cc: Shuah Khan <shuah@kernel.org>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Liang Z. Li <liang.z.li@intel.com>
Cc: Alexandre Julliard <julliard@winehq.org>
Cc: Stas Sergeev <stsp@list.ru>
Cc: x86@kernel.org
Cc: linux-msdos@vger.kernel.org
Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
---
arch/x86/Kconfig | 10 ++++++++++
arch/x86/kernel/cpu/common.c | 16 +++++++++++++++-
2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index e487493..bae1a8f 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1733,6 +1733,16 @@ config X86_SMAP
If unsure, say Y.
+config X86_INTEL_UMIP
+ def_bool y
+ depends on CPU_SUP_INTEL
+ prompt "User Mode Instruction Prevention" if EXPERT
+ ---help---
+ The User Mode Instruction Prevention (UMIP) is a security
+ feature in newer Intel processors. If enabled, a general
+ protection fault is issued if the instructions SGDT, SLDT,
+ SIDT, SMSW and STR are executed in user mode.
+
config X86_INTEL_MPX
prompt "Intel MPX (Memory Protection Extensions)"
def_bool n
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index dc1697c..b38a639 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -306,6 +306,19 @@ static __always_inline void setup_smap(struct cpuinfo_x86 *c)
}
}
+static __always_inline void setup_umip(struct cpuinfo_x86 *c)
+{
+ if (cpu_feature_enabled(X86_FEATURE_UMIP) &&
+ cpu_has(c, X86_FEATURE_UMIP))
+ cr4_set_bits(X86_CR4_UMIP);
+ else
+ /*
+ * Make sure UMIP is disabled in case it was enabled in a
+ * previous boot (e.g., via kexec).
+ */
+ cr4_clear_bits(X86_CR4_UMIP);
+}
+
/*
* Protection Keys are not available in 32-bit mode.
*/
@@ -1059,9 +1072,10 @@ static void identify_cpu(struct cpuinfo_x86 *c)
/* Disable the PN if appropriate */
squash_the_stupid_serial_number(c);
- /* Set up SMEP/SMAP */
+ /* Set up SMEP/SMAP/UMIP */
setup_smep(c);
setup_smap(c);
+ setup_umip(c);
/*
* The vendor-specific functions might have changed features.
--
2.9.3
next prev parent reply other threads:[~2016-12-24 1:37 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-24 1:37 [v2 0/7] x86: enable User-Mode Instruction Prevention Ricardo Neri
2016-12-24 1:37 ` [v2 1/7] x86/mpx: Do not use SIB index if index points to R/ESP Ricardo Neri
2016-12-24 1:57 ` Andy Lutomirski
2016-12-27 22:29 ` Ricardo Neri
2016-12-24 1:37 ` [v2 2/7] x86/mpx: Fail when implicit zero-displacement is used along with R/EBP Ricardo Neri
2016-12-24 1:58 ` Andy Lutomirski
2016-12-27 22:33 ` Ricardo Neri
2017-01-03 16:41 ` Dave Hansen
2017-01-04 1:31 ` Ricardo Neri
2016-12-24 1:37 ` [v2 3/7] x86/mpx, x86/insn: Relocate insn util functions to a new insn-utils Ricardo Neri
2016-12-24 2:34 ` kbuild test robot
2016-12-25 6:17 ` Masami Hiramatsu
2016-12-27 22:36 ` Ricardo Neri
2017-01-03 16:44 ` Dave Hansen
2017-01-04 1:31 ` Ricardo Neri
2016-12-24 1:37 ` [v2 4/7] x86/cpufeature: Add User-Mode Instruction Prevention definitions Ricardo Neri
2016-12-24 1:37 ` [v2 5/7] x86: Add emulation code for UMIP instructions Ricardo Neri
2016-12-24 2:11 ` Andy Lutomirski
2016-12-28 0:39 ` Ricardo Neri
2016-12-28 0:48 ` Andy Lutomirski
2016-12-30 5:23 ` Ricardo Neri
2016-12-31 2:07 ` Andy Lutomirski
2017-01-04 1:30 ` Ricardo Neri
2016-12-25 15:49 ` Masami Hiramatsu
2016-12-28 0:40 ` Ricardo Neri
2016-12-24 1:37 ` [v2 6/7] x86/traps: Fixup general protection faults caused by UMIP Ricardo Neri
2016-12-24 2:11 ` Andy Lutomirski
2016-12-27 22:34 ` Ricardo Neri
2016-12-24 4:22 ` kbuild test robot
2016-12-24 1:37 ` Ricardo Neri [this message]
2016-12-24 3:15 ` [v2 7/7] x86: Enable User-Mode Instruction Prevention kbuild test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161224013745.108716-8-ricardo.neri-calderon@linux.intel.com \
--to=ricardo.neri-calderon@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=bp@suse.de \
--cc=brgerst@gmail.com \
--cc=cmetcalf@mellanox.com \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=fenghua.yu@intel.com \
--cc=hpa@zytor.com \
--cc=jslaby@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-msdos@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=mst@redhat.com \
--cc=paul.gortmaker@windriver.com \
--cc=peterz@infradead.org \
--cc=ravi.v.shankar@intel.com \
--cc=ray.huang@amd.com \
--cc=shuah@kernel.org \
--cc=slaoub@gmail.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=wine-devel@winehq.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox