summaryrefslogtreecommitdiffstats
path: root/arch/x86/realmode
diff options
context:
space:
mode:
authorH. Peter Anvin <hpa@linux.intel.com>2012-09-27 03:02:28 +0200
committerH. Peter Anvin <hpa@linux.intel.com>2012-09-27 18:52:38 +0200
commitb2cc2a074de75671bbed5e2dda67a9252ef353ea (patch)
tree8e01fcacb8bad82c4351fa82b351ecc185fe8056 /arch/x86/realmode
parentx86, suspend: On wakeup always initialize cr4 and EFER (diff)
downloadlinux-b2cc2a074de75671bbed5e2dda67a9252ef353ea.tar.xz
linux-b2cc2a074de75671bbed5e2dda67a9252ef353ea.zip
x86, smep, smap: Make the switching functions one-way
There is no fundamental reason why we should switch SMEP and SMAP on during early cpu initialization just to switch them off again. Now with %eflags and %cr4 forced to be initialized to a clean state, we only need the one-way enable. Also, make the functions inline to make them (somewhat) harder to abuse. This does mean that SMEP and SMAP do not get initialized anywhere near as early. Even using early_param() instead of __setup() doesn't give us control early enough to do this during the early cpu initialization phase. This seems reasonable to me, because SMEP and SMAP should not matter until we have userspace to protect ourselves from, but it does potentially make it possible for a bug involving a "leak of permissions to userspace" to get uncaught. Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Diffstat (limited to 'arch/x86/realmode')
0 files changed, 0 insertions, 0 deletions