Re: [PATCH 3/3] x86, cpu: Enable/disable SMEP

From: H. Peter Anvin
Date: Thu May 12 2011 - 02:07:14 EST


On 05/11/2011 03:36 PM, Andi Kleen wrote:
"Fenghua Yu"<fenghua.yu@xxxxxxxxx> writes:

+static int disable_smep;

If you add a __initdata here the whole thing will completely disappear
after boot.

@@ -867,6 +886,8 @@ static void __cpuinit identify_cpu(struct cpuinfo_x86 *c)
/* Init Machine Check Exception if available. */
mcheck_cpu_init(c);

+ setup_smep(c);

My feeling is you're setting this too late. In theory there could be
early overflows. Better use a early_param and set it as early
as possible, directly after the cpuid flags are set up in early
initialization.

-Andi

SMEP only matters if we can into userspace code, so I *think* the above should be okay. However, the most logical place would be to enable it in the same place(s) where we enable NX.

-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/