Author: kib
Date: Tue Mar 20 17:47:29 2018
New Revision: 331253
URL: https://svnweb.freebsd.org/changeset/base/331253

Log:
  Disable write protection around patching of XSAVE instruction in the
  context switch code.
  
  Some BIOSes give control to the OS with CR0.WP already set, making the
  kernel text read-only before cpu_startup().
  
  Reported by:  Peter Lei <peter....@ieee.org>
  Reviewed by:  jtl
  Sponsored by: The FreeBSD Foundation
  MFC after:    1 week
  Differential revision:        https://reviews.freebsd.org/D14768

Modified:
  head/sys/amd64/amd64/fpu.c

Modified: head/sys/amd64/amd64/fpu.c
==============================================================================
--- head/sys/amd64/amd64/fpu.c  Tue Mar 20 17:43:50 2018        (r331252)
+++ head/sys/amd64/amd64/fpu.c  Tue Mar 20 17:47:29 2018        (r331253)
@@ -205,6 +205,7 @@ fpuinit_bsp1(void)
 {
        u_int cp[4];
        uint64_t xsave_mask_user;
+       bool old_wp;
 
        if ((cpu_feature2 & CPUID2_XSAVE) != 0) {
                use_xsave = 1;
@@ -233,8 +234,14 @@ fpuinit_bsp1(void)
                 * Patch the XSAVE instruction in the cpu_switch code
                 * to XSAVEOPT.  We assume that XSAVE encoding used
                 * REX byte, and set the bit 4 of the r/m byte.
+                *
+                * It seems that some BIOSes give control to the OS
+                * with CR0.WP already set, making the kernel text
+                * read-only before cpu_startup().
                 */
+               old_wp = disable_wp();
                ctx_switch_xsave[3] |= 0x10;
+               restore_wp(old_wp);
        }
 }
 
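Review bot: Nothing verifies the instruction bytes before `ctx_switch_xsave[3] |= 0x10`, and with CR0.WP now cleared around that store the write will succeed whatever is at that offset. The comment still only says "We assume that XSAVE encoding used REX byte". Consider asserting the expected bytes at `ctx_switch_xsave` before the `|=`, so a change to the cpu_switch encoding fails loudly instead of silently altering a different byte of kernel text. The disable_wp()/restore_wp() window is as narrow as it can be, which is good; a few words in the comment on why clearing WP is safe at this point in fpuinit_bsp1() would help future readers. The "It seems that" in the new comment could also be made definite to match the commit log.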
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
