Page MenuHomeFreeBSD
Differential D45420

mitigations.7: mention supervisor mode memory access protections
ClosedPublic
Actions

Authored by emaste on May 31 2024, 2:15 PM.
Tags
None
Referenced Files
F102995598: D45420.id139272.diff
Tue, Nov 19, 3:04 PM
Unknown Object (File)
Fri, Nov 8, 12:24 AM
Unknown Object (File)
Thu, Nov 7, 5:29 PM
Unknown Object (File)
Wed, Nov 6, 10:53 PM
Unknown Object (File)
Wed, Nov 6, 2:44 AM
Unknown Object (File)
Oct 17 2024, 2:27 AM
Unknown Object (File)
Oct 17 2024, 12:24 AM
Unknown Object (File)
Oct 16 2024, 4:11 PM
View All Files
Subscribers
andrew

Details

Reviewers
olce
imp
kib
Commits
rGf8c73ba5981c: mitigations.7: mention supervisor mode memory access protections
rG72ece341b427: mitigations.7: mention supervisor mode memory access protections

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste requested review of this revision.May 31 2024, 2:15 PM
emaste created this revision.
imp accepted this revision.May 31 2024, 2:20 PM
This revision is now accepted and ready to land.May 31 2024, 2:20 PM
olce accepted this revision.May 31 2024, 2:26 PM
olce added inline comments.
share/man/man7/mitigations.7
249
emaste added inline comments.May 31 2024, 2:29 PM
share/man/man7/mitigations.7
239

small addition staged in my tree

emaste updated this revision to Diff 139260.May 31 2024, 2:50 PM
emaste added a reviewer: kib.

Describe the two different features in more detail

This revision now requires review to proceed.May 31 2024, 2:50 PM
kib added a comment.May 31 2024, 2:59 PM

It is also worth mentioning that SMAP/PAN provide very effective NULL pointer dereference protection in kernel, and make mapping a page at address zero safe.

share/man/man7/mitigations.7
239

'not owned by the kernel' is a weird formulation, I even have to stop digesting it. The right way to express it is probably 'pages accessible to userspace/non-privileged code'.

andrew added a subscriber: andrew.May 31 2024, 3:03 PM
andrew added inline comments.
share/man/man7/mitigations.7
248

I think PAN only prevents read/write as it's just for data accesses.

emaste updated this revision to Diff 139262.May 31 2024, 3:04 PM

feedback from @kib

emaste updated this revision to Diff 139263.May 31 2024, 3:05 PM

Feedback from @andrew

kib accepted this revision.May 31 2024, 3:20 PM
This revision is now accepted and ready to land.May 31 2024, 3:20 PM
Closed by commit rG72ece341b427: mitigations.7: mention supervisor mode memory access protections (authored by emaste). · Explain WhyMay 31 2024, 7:36 PM
This revision was automatically updated to reflect the committed changes.
emaste added a commit: rG72ece341b427: mitigations.7: mention supervisor mode memory access protections.
emaste added a commit: rGf8c73ba5981c: mitigations.7: mention supervisor mode memory access protections.Aug 1 2024, 2:48 PM

Revision Contents
Changeset List

PathSize
share/
man/
man7/
24 lines

Diff 139272

View Options

share/man/man7/mitigations.7

Loading...