Page MenuHomeFreeBSD
Differential D30462

vmm: Let guests enable SMEP/SMAP if the host supports it
ClosedPublic
Actions

Authored by markj on May 26 2021, 12:01 AM.
Tags
None
Referenced Files
F151201790: D30462.id.diff
Mon, Apr 6, 7:22 PM
Unknown Object (File)
Sat, Apr 4, 3:54 PM
Unknown Object (File)
Sat, Apr 4, 6:15 AM
Unknown Object (File)
Wed, Mar 25, 10:05 AM
Unknown Object (File)
Tue, Mar 24, 3:23 PM
Unknown Object (File)
Wed, Mar 18, 6:11 AM
Unknown Object (File)
Tue, Mar 17, 4:39 AM
Unknown Object (File)
Sun, Mar 15, 10:56 PM
View All Files
Subscribers
bcran
imp
rgrimes

Details

Reviewers
grehan
kib
jhb
Group Reviewers
bhyve
Commits
rG4c599db71af5: vmm: Let guests enable SMEP/SMAP if the host supports it
Summary

Enabling the bits in cpuid appears to be sufficient. We already allow
the guest to set CR4_SMAP and _SMEP.

Test Plan

I booted a FreeBSD VM on an Intel system that implements SMAP, and verified
that the CPU feature is recognized and that it actually works (by adding
an access to user memory into a system call).

I do not have an AMD system I can use to test this; any assistance here would be
appreciated.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 39456
Build 36345: arc lint + arc unit

Event Timeline

markj created this revision.May 26 2021, 12:01 AM
Herald added a reviewer: bhyve. · View Herald TranscriptMay 26 2021, 12:01 AM
Herald added subscribers: bcran, rgrimes, imp. · View Herald Transcript
markj requested review of this revision.May 26 2021, 12:01 AM
Harbormaster completed remote builds in B39456: Diff 89881.May 26 2021, 12:01 AM
grehan accepted this revision.May 26 2021, 12:03 AM
This revision is now accepted and ready to land.May 26 2021, 12:03 AM
markj edited the test plan for this revision. (Show Details)May 26 2021, 12:03 AM
markj added a reviewer: kib.
grehan added a comment.May 26 2021, 1:12 AM

From dmesg on a FreeBSD-14 guest on a Ryzen 4700U.

Host:

Structured Extended Features=0x219c91a9<FSGSBASE,BMI1,AVX2,SMEP,BMI2,PQM,PQE,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,SHA>

Guest before the change:

Structured Extended Features=0x20040129<FSGSBASE,BMI1,AVX2,BMI2,RDSEED,SHA>

Guest with the change:

Structured Extended Features=0x201401a9<FSGSBASE,BMI1,AVX2,SMEP,BMI2,RDSEED,SMAP,SHA>
jhb accepted this revision.May 26 2021, 2:03 AM
kib accepted this revision.May 26 2021, 7:36 AM

I believe SMAP on AMD is very recent feature, AFAIR it is not present on Zen2.

grehan added a comment.May 26 2021, 7:54 AM
In D30462#684409, @kib wrote:

I believe SMAP on AMD is very recent feature, AFAIR it is not present on Zen2.

See the above dmesg fragment showing SMAP present on the Zen2-based 4700U

Closed by commit rG4c599db71af5: vmm: Let guests enable SMEP/SMAP if the host supports it (authored by markj). · Explain WhyMay 26 2021, 1:40 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rG4c599db71af5: vmm: Let guests enable SMEP/SMAP if the host supports it.

Revision Contents
Changeset List

PathSize
sys/
amd64/
vmm/
4 lines

Diff 89881

View Options

sys/amd64/vmm/x86.c

Loading...