[PATCH v3 0/4] Enable SMEP CPU Feature
From: Fenghua Yu
Date: Tue May 17 2011 - 21:58:17 EST
From: Fenghua Yu <fenghua.yu@xxxxxxxxx>
Intel new CPU supports SMEP (Supervisor Mode Execution Protection). SMEP
prevents kernel from executing code in application. Updated Intel SDM describes
this CPU feature. The document will be published soon.
Note: This patch set doesn't enable the SMEP feature in KVM. A seperate patch
will be pushed for enabling the feature in KVM.
Fenghua Yu (4):
x86, cpu: Add CPU flags for SMEP
x86, cpu: Add SMEP CPU feature in CR4
x86, head_32/64.S: Enable SMEP
x86/kernel/cpu/common.c: Disable SMEP by kernel option nosmep
Documentation/kernel-parameters.txt | 4 ++++
arch/x86/include/asm/cpufeature.h | 1 +
arch/x86/include/asm/processor-flags.h | 1 +
arch/x86/kernel/cpu/common.c | 22 ++++++++++++++++++++++
arch/x86/kernel/head_32.S | 17 +++++++++++++----
arch/x86/kernel/head_64.S | 13 +++++++++++--
6 files changed, 52 insertions(+), 6 deletions(-)
--
1.7.2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/