Page MenuHomeFreeBSD
Differential D45420

mitigations.7: mention supervisor mode memory access protections
ClosedPublic
Actions

Authored by emaste on May 31 2024, 2:15 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, May 28, 3:55 AM
Unknown Object (File)
Thu, May 14, 5:29 AM
Unknown Object (File)
Wed, May 13, 9:40 AM
Unknown Object (File)
Sat, May 9, 9:38 PM
Unknown Object (File)
Fri, May 8, 8:26 PM
Unknown Object (File)
May 7 2026, 2:22 PM
Unknown Object (File)
May 7 2026, 1:48 PM
Unknown Object (File)
May 6 2026, 7:27 AM
View All Files
Subscribers
andrew

Details

Reviewers
olce
imp
kib
Commits
rGf8c73ba5981c: mitigations.7: mention supervisor mode memory access protections
rG72ece341b427: mitigations.7: mention supervisor mode memory access protections

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

emaste requested review of this revision.May 31 2024, 2:15 PM
emaste created this revision.
imp accepted this revision.May 31 2024, 2:20 PM
This revision is now accepted and ready to land.May 31 2024, 2:20 PM
olce accepted this revision.May 31 2024, 2:26 PM
olce added inline comments.
share/man/man7/mitigations.7
249
emaste added inline comments.May 31 2024, 2:29 PM
share/man/man7/mitigations.7
239

small addition staged in my tree

emaste updated this revision to Diff 139260.May 31 2024, 2:50 PM
emaste added a reviewer: kib.

Describe the two different features in more detail

This revision now requires review to proceed.May 31 2024, 2:50 PM
kib added a comment.May 31 2024, 2:59 PM

It is also worth mentioning that SMAP/PAN provide very effective NULL pointer dereference protection in kernel, and make mapping a page at address zero safe.

share/man/man7/mitigations.7
239

'not owned by the kernel' is a weird formulation, I even have to stop digesting it. The right way to express it is probably 'pages accessible to userspace/non-privileged code'.

andrew added a subscriber: andrew.May 31 2024, 3:03 PM
andrew added inline comments.
share/man/man7/mitigations.7
248

I think PAN only prevents read/write as it's just for data accesses.

emaste updated this revision to Diff 139262.May 31 2024, 3:04 PM

feedback from @kib

emaste updated this revision to Diff 139263.May 31 2024, 3:05 PM

Feedback from @andrew

kib accepted this revision.May 31 2024, 3:20 PM
This revision is now accepted and ready to land.May 31 2024, 3:20 PM
Closed by commit rG72ece341b427: mitigations.7: mention supervisor mode memory access protections (authored by emaste). · Explain WhyMay 31 2024, 7:36 PM
This revision was automatically updated to reflect the committed changes.
emaste added a commit: rG72ece341b427: mitigations.7: mention supervisor mode memory access protections.
emaste added a commit: rGf8c73ba5981c: mitigations.7: mention supervisor mode memory access protections.Aug 1 2024, 2:48 PM

Revision Contents
Changeset List

PathSize
share/
man/
man7/
24 lines

Diff 139263

View Options

share/man/man7/mitigations.7

Loading...