Project

General

Profile

Actions
Copy link

Bug #9685

closed

KPTI %cr3 handling needs fixes

Added by John Levon almost 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Start date:
2018-07-30
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:

Description

There are two more known issues with KPTI trap handling. These are SmartOS bugs:

https://smartos.org/bugview/OS-7015

- When KMDB has to pass a page fault or other trap to the kernel handlers, we need
   to restore the original %cr3, otherwise we can end up with the wrong %cr3 loaded
   if we happen to take a trap during the sensitive part of hat_switch()

https://smartos.org/bugview/OS-7064

- If we end up with bad segment registers on an iret to userspace, we were not correctly
   identifying that the userspace %cr3 was in place; we need explicit handling of this so we
   load the kernel %cr3 back
Actions
Copy link
 #1

Updated by Electric Monk almost 4 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

git commit eea802b0a2c12269d15276d4657e5cd64dd541a4

commit  eea802b0a2c12269d15276d4657e5cd64dd541a4
Author: John Levon <john.levon@joyent.com>
Date:   2018-08-07T19:46:08.000Z

    9685 KPTI %cr3 handling needs fixes
    Reviewed by: Robert Mustacchi <rm@joyent.com>
    Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
    Approved by: Richard Lowe <richlowe@richlowe.net>

Actions
Copy link

Also available in: Atom PDF