Page MenuHomeFreeBSD
Differential D30462

vmm: Let guests enable SMEP/SMAP if the host supports it
ClosedPublic
Actions

Authored by markj on May 26 2021, 12:01 AM.
Tags
None
Referenced Files
F81691556: D30462.diff
Sat, Apr 20, 12:35 AM
Unknown Object (File)
Mon, Apr 1, 1:14 PM
Unknown Object (File)
Mon, Apr 1, 4:33 AM
Unknown Object (File)
Feb 18 2024, 8:23 AM
Unknown Object (File)
Feb 1 2024, 9:00 PM
Unknown Object (File)
Jan 16 2024, 3:22 AM
Unknown Object (File)
Dec 23 2023, 1:56 AM
Unknown Object (File)
Dec 19 2023, 10:26 PM
View All 27 Files
Subscribers
bcran
imp
rgrimes

Details

Reviewers
grehan
kib
jhb
Group Reviewers
bhyve
Commits
rG4c599db71af5: vmm: Let guests enable SMEP/SMAP if the host supports it
Summary

Enabling the bits in cpuid appears to be sufficient. We already allow
the guest to set CR4_SMAP and _SMEP.

Test Plan

I booted a FreeBSD VM on an Intel system that implements SMAP, and verified
that the CPU feature is recognized and that it actually works (by adding
an access to user memory into a system call).

I do not have an AMD system I can use to test this; any assistance here would be
appreciated.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj created this revision.May 26 2021, 12:01 AM
Herald added a reviewer: bhyve. · View Herald TranscriptMay 26 2021, 12:01 AM
Herald added subscribers: bcran, rgrimes, imp. · View Herald Transcript
markj requested review of this revision.May 26 2021, 12:01 AM
Harbormaster completed remote builds in B39456: Diff 89881.May 26 2021, 12:01 AM
grehan accepted this revision.May 26 2021, 12:03 AM
This revision is now accepted and ready to land.May 26 2021, 12:03 AM
markj edited the test plan for this revision. (Show Details)May 26 2021, 12:03 AM
markj added a reviewer: kib.
grehan added a comment.May 26 2021, 1:12 AM

From dmesg on a FreeBSD-14 guest on a Ryzen 4700U.

Host:

Structured Extended Features=0x219c91a9<FSGSBASE,BMI1,AVX2,SMEP,BMI2,PQM,PQE,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,SHA>

Guest before the change:

Structured Extended Features=0x20040129<FSGSBASE,BMI1,AVX2,BMI2,RDSEED,SHA>

Guest with the change:

Structured Extended Features=0x201401a9<FSGSBASE,BMI1,AVX2,SMEP,BMI2,RDSEED,SMAP,SHA>
jhb accepted this revision.May 26 2021, 2:03 AM
kib accepted this revision.May 26 2021, 7:36 AM

I believe SMAP on AMD is very recent feature, AFAIR it is not present on Zen2.

grehan added a comment.May 26 2021, 7:54 AM
In D30462#684409, @kib wrote:

I believe SMAP on AMD is very recent feature, AFAIR it is not present on Zen2.

See the above dmesg fragment showing SMAP present on the Zen2-based 4700U

Closed by commit rG4c599db71af5: vmm: Let guests enable SMEP/SMAP if the host supports it (authored by markj). · Explain WhyMay 26 2021, 1:40 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rG4c599db71af5: vmm: Let guests enable SMEP/SMAP if the host supports it.

Revision Contents
Changeset List

PathSize
sys/
amd64/
vmm/
4 lines

Diff 89900

View Options

sys/amd64/vmm/x86.c

Loading...