Page MenuHomeFreeBSD
Differential D45420

mitigations.7: mention supervisor mode memory access protections
ClosedPublic
Actions

Authored by emaste on May 31 2024, 2:15 PM.
Tags
None
Referenced Files
F87347484: D45420.diff
Mon, Jul 1, 11:15 PM
Unknown Object (File)
Thu, Jun 27, 5:03 PM
Unknown Object (File)
Mon, Jun 24, 11:42 AM
Unknown Object (File)
Mon, Jun 24, 11:31 AM
Unknown Object (File)
Mon, Jun 24, 11:29 AM
Unknown Object (File)
Mon, Jun 24, 11:26 AM
Unknown Object (File)
Mon, Jun 24, 11:24 AM
Unknown Object (File)
Mon, Jun 24, 11:23 AM
View All 15 Files
Subscribers
andrew

Details

Reviewers
olce
imp
kib
Commits
rG72ece341b427: mitigations.7: mention supervisor mode memory access protections

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

emaste requested review of this revision.May 31 2024, 2:15 PM
emaste created this revision.
imp accepted this revision.May 31 2024, 2:20 PM
This revision is now accepted and ready to land.May 31 2024, 2:20 PM
olce accepted this revision.May 31 2024, 2:26 PM
olce added inline comments.
share/man/man7/mitigations.7
249
emaste added inline comments.May 31 2024, 2:29 PM
share/man/man7/mitigations.7
239

small addition staged in my tree

emaste updated this revision to Diff 139260.May 31 2024, 2:50 PM
emaste added a reviewer: kib.

Describe the two different features in more detail

This revision now requires review to proceed.May 31 2024, 2:50 PM
kib added a comment.May 31 2024, 2:59 PM

It is also worth mentioning that SMAP/PAN provide very effective NULL pointer dereference protection in kernel, and make mapping a page at address zero safe.

share/man/man7/mitigations.7
239

'not owned by the kernel' is a weird formulation, I even have to stop digesting it. The right way to express it is probably 'pages accessible to userspace/non-privileged code'.

andrew added a subscriber: andrew.May 31 2024, 3:03 PM
andrew added inline comments.
share/man/man7/mitigations.7
248

I think PAN only prevents read/write as it's just for data accesses.

emaste updated this revision to Diff 139262.May 31 2024, 3:04 PM

feedback from @kib

emaste updated this revision to Diff 139263.May 31 2024, 3:05 PM

Feedback from @andrew

kib accepted this revision.May 31 2024, 3:20 PM
This revision is now accepted and ready to land.May 31 2024, 3:20 PM
Closed by commit rG72ece341b427: mitigations.7: mention supervisor mode memory access protections (authored by emaste). · Explain WhyMay 31 2024, 7:36 PM
This revision was automatically updated to reflect the committed changes.
emaste added a commit: rG72ece341b427: mitigations.7: mention supervisor mode memory access protections.

Revision Contents
Changeset List

PathSize
share/
man/
man7/
16 lines

Diff 139255

View Options

share/man/man7/mitigations.7

Loading...