Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compile USER_LDT by default, but, put it behind a privileged sysctl that 

defaults to disabled. To enable:

	# sysctl -w machdep.user_ldt=1
This commit is contained in:
maxv 2020-07-19 14:31:31 +00:00
parent 6bd27cf6bd
commit d3713544b3
4 changed files with 25 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sys/arch/amd64/conf/ALL
View File

@ -1,4 +1,4 @@
# $NetBSD: ALL,v 1.156 2020/07/14 00:45:52 yamaguchi Exp $
# $NetBSD: ALL,v 1.157 2020/07/19 14:31:31 maxv Exp $
# From NetBSD: GENERIC,v 1.787 2006/10/01 18:37:54 bouyer Exp
#
# ALL machine description file
@ -17,14 +17,14 @@ include "arch/amd64/conf/std.amd64"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
#ident "ALL-$Revision: 1.156 $"
#ident "ALL-$Revision: 1.157 $"
maxusers 64 # estimated number of users
makeoptions USE_SSP=yes
# CPU-related options.
#options USER_LDT # user-settable LDT; used by WINE
options USER_LDT # User-settable LDT, used by Wine
options X86EMU # 386 Real Mode emulator
#options PAE # PAE mode (36 bits physical addressing)
makeoptions SPECTRE_V2_GCC_MITIGATION=1 # GCC Spectre variant 2

6
sys/arch/amd64/conf/GENERIC
View File

@ -1,4 +1,4 @@
# $NetBSD: GENERIC,v 1.572 2020/07/14 01:05:06 yamaguchi Exp $
# $NetBSD: GENERIC,v 1.573 2020/07/19 14:31:31 maxv Exp $
#
# GENERIC machine description file
#
@ -22,7 +22,7 @@ include "arch/amd64/conf/std.amd64"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
#ident "GENERIC-$Revision: 1.572 $"
#ident "GENERIC-$Revision: 1.573 $"
maxusers 64 # estimated number of users
@ -74,7 +74,7 @@ options USERCONF # userconf(4) support
options SYSCTL_INCLUDE_DESCR # Include sysctl descriptions in kernel
# CPU-related options
#options USER_LDT # User-settable LDT, used by Wine
options USER_LDT # User-settable LDT, used by Wine
options SVS # Separate Virtual Space
options PCPU_IDT # Per CPU IDTs

20
sys/arch/x86/x86/x86_machdep.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: x86_machdep.c,v 1.144 2020/07/04 21:02:16 chs Exp $ */
/* $NetBSD: x86_machdep.c,v 1.145 2020/07/19 14:31:31 maxv Exp $ */
/*-
* Copyright (c) 2002, 2006, 2007 YAMAMOTO Takashi,
@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: x86_machdep.c,v 1.144 2020/07/04 21:02:16 chs Exp $");
__KERNEL_RCSID(0, "$NetBSD: x86_machdep.c,v 1.145 2020/07/19 14:31:31 maxv Exp $");
#include "opt_modular.h"
#include "opt_physmem.h"
@ -95,6 +95,8 @@ void (*x86_cpu_idle)(void);
static bool x86_cpu_idle_ipi;
static char x86_cpu_idle_text[16];
static bool x86_user_ldt_enabled __read_mostly = false;
#ifdef XEN
#include <xen/xen.h>
@ -1178,9 +1180,14 @@ x86_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
switch (action) {
case KAUTH_MACHDEP_IOPERM_GET:
result = KAUTH_RESULT_ALLOW;
break;
case KAUTH_MACHDEP_LDT_GET:
case KAUTH_MACHDEP_LDT_SET:
result = KAUTH_RESULT_ALLOW;
if (x86_user_ldt_enabled) {
result = KAUTH_RESULT_ALLOW;
}
break;
default:
@ -1432,6 +1439,13 @@ SYSCTL_SETUP(sysctl_machdep_setup, "sysctl machdep subtree setup")
CTL_CREATE, CTL_EOL);
#endif
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_READWRITE,
CTLTYPE_BOOL, "user_ldt",
SYSCTL_DESCR("Whether USER_LDT is enabled"),
NULL, 0, &x86_user_ldt_enabled, 0,
CTL_MACHDEP, CTL_CREATE, CTL_EOL);
#ifndef XENPV
void sysctl_speculation_init(struct sysctllog **);
sysctl_speculation_init(clog);

4
tests/lib/libi386/t_user_ldt.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: t_user_ldt.c,v 1.4 2020/07/03 16:07:52 maxv Exp $ */
/* $NetBSD: t_user_ldt.c,v 1.5 2020/07/19 14:31:31 maxv Exp $ */
/*
* Copyright (c) 2020 The NetBSD Foundation, Inc.
@ -58,7 +58,7 @@ user_ldt_detect(void)
int ret;
ret = i386_get_ldt(0, &desc, 1);
user_ldt_supported = (ret != -1) || (errno != ENOSYS);
user_ldt_supported = (ret != -1) || (errno != ENOSYS && errno != EPERM);
}
static void