From ddc58847e2bcff65a7950f0a866da041e73d3e76 Mon Sep 17 00:00:00 2001 From: Ian Moffett Date: Sat, 5 Jul 2025 01:09:24 +0000 Subject: kernel/amd64: conf: Add CPU_SMEP option Allow the user to configure if SMEP would be enabled for their build of the Hyra AMD64 port Signed-off-by: Ian Moffett --- sys/arch/amd64/amd64/machdep.c | 15 +++++++++++++++ sys/arch/amd64/conf/GENERIC | 1 + 2 files changed, 16 insertions(+) diff --git a/sys/arch/amd64/amd64/machdep.c b/sys/arch/amd64/amd64/machdep.c index 5acacb4..9b65d6e 100644 --- a/sys/arch/amd64/amd64/machdep.c +++ b/sys/arch/amd64/amd64/machdep.c @@ -61,6 +61,12 @@ #define SPECTRE_IBRS 0 #endif +#if defined(__CPU_SMEP) +#define CPU_SMEP __CPU_SMEP +#else +#define CPU_SMEP 0 +#endif + int ibrs_enable(void); int simd_init(void); void syscall_isr(void); @@ -319,6 +325,11 @@ cpu_enable_smep(void) struct cpu_info *ci; uint64_t cr4; + /* Don't bother if not enabled */ + if (!CPU_SMEP) { + return; + } + ci = this_cpu(); if (!ISSET(ci->feat, CPU_FEAT_SMEP)) { pr_trace_bsp("SMEP not supported\n"); @@ -336,6 +347,10 @@ cpu_disable_smep(void) struct cpu_info *ci; uint64_t cr4; + if (!CPU_SMEP) { + return; + } + ci = this_cpu(); if (!ISSET(ci->feat, CPU_FEAT_SMEP)) { return; diff --git a/sys/arch/amd64/conf/GENERIC b/sys/arch/amd64/conf/GENERIC index 69e071a..44ab8b5 100644 --- a/sys/arch/amd64/conf/GENERIC +++ b/sys/arch/amd64/conf/GENERIC @@ -8,6 +8,7 @@ option SPECTRE_IBRS no // Enable the IBRS CPU feature option SERIAL_DEBUG yes // Enable kmsg serial logging option USER_KMSG no // Show kmsg in user consoles +option CPU_SMEP yes // Supervisor Memory Exec Protection // Kernel constants setval SCHED_NQUEUE 4 // Number of scheduler queues (for MLFQ) -- cgit v1.2.3