diff options
| author | Ian Moffett <ian@osmora.org> | 2025-08-12 23:40:35 -0400 |
|---|---|---|
| committer | Ian Moffett <ian@osmora.org> | 2025-08-12 23:52:27 -0400 |
| commit | eb4ec8d4b0d5d596c67dc2baf935df30e27fbb71 (patch) | |
| tree | 96e8ab35736afbc53824f499c30c840e7e521390 | |
| parent | a63b1db5237e4b62a2137a7ee32326497aab6e14 (diff) | |
kernel/amd64: Ensure CR4.UMIP is set by default
To prevent user programs from performing any operations related to
system memory structures (such as the GDT, TSS, etc), we will always set
CR4.UMIP if possible to improve the security of Hyra.
Signed-off-by: Ian Moffett <ian@osmora.org>
| -rw-r--r-- | sys/arch/amd64/amd64/machdep.c | 26 | ||||
| -rw-r--r-- | sys/include/arch/amd64/cpu.h | 1 |
2 files changed, 25 insertions, 2 deletions
diff --git a/sys/arch/amd64/amd64/machdep.c b/sys/arch/amd64/amd64/machdep.c index 8761fbe..7720620 100644 --- a/sys/arch/amd64/amd64/machdep.c +++ b/sys/arch/amd64/amd64/machdep.c @@ -300,18 +300,20 @@ cpu_get_vendor(struct cpu_info *ci) static void cpu_get_info(struct cpu_info *ci) { - uint32_t eax, ebx, unused; + uint32_t eax, ebx, ecx, unused; uint8_t ext_model, ext_family; /* Get the vendor information */ cpu_get_vendor(ci); /* Extended features */ - CPUID(0x07, unused, ebx, unused, unused); + CPUID(0x07, unused, ebx, ecx, unused); if (ISSET(ebx, BIT(7))) ci->feat |= CPU_FEAT_SMEP; if (ISSET(ebx, BIT(20))) ci->feat |= CPU_FEAT_SMAP; + if (ISSET(ecx, BIT(2))) + ci->feat |= CPU_FEAT_UMIP; /* * Processor info and feature bits @@ -341,6 +343,25 @@ cpu_get_info(struct cpu_info *ci) } } +/* + * The CR4.UMIP bit prevents user programs from + * executing instructions related to accessing + * system memory structures. This should be enabled + * by default if supported. + */ +static void +cpu_enable_umip(void) +{ + struct cpu_info *ci = this_cpu(); + uint64_t cr4; + + if (ISSET(ci->feat, CPU_FEAT_UMIP)) { + cr4 = amd64_read_cr4(); + cr4 |= CR4_UMIP; + amd64_write_cr4(cr4); + } +} + void cpu_shootdown_tlb(vaddr_t va) { @@ -572,6 +593,7 @@ cpu_startup(struct cpu_info *ci) cpu_get_info(ci); cpu_enable_smep(); + cpu_enable_umip(); enable_simd(); lapic_init(); diff --git a/sys/include/arch/amd64/cpu.h b/sys/include/arch/amd64/cpu.h index b02ed5f..3dadebd 100644 --- a/sys/include/arch/amd64/cpu.h +++ b/sys/include/arch/amd64/cpu.h @@ -44,6 +44,7 @@ /* Feature bits */ #define CPU_FEAT_SMAP BIT(0) #define CPU_FEAT_SMEP BIT(1) +#define CPU_FEAT_UMIP BIT(2) /* CPU vendors */ #define CPU_VENDOR_OTHER 0x00000000 |