DragonFlyBSD/src 48c77f2 — sys/cpu/x86_64/include asmacros.h specialreg.h, sys/platform/pc64/x86_64 support.s machdep.c
kernel - Implement support for SMAP and SMEP security
* Implement support for SMAP security. This prevents accidental
accesses to user address space from the kernel. When available,
we wrap intentional user-space accesses from the kernel with
the 'stac' and 'clac' instructions.
We use a NOP replacement policy to implement the feature. The wrapper
is initially a 'nop %eax' (3-byte NOP), and is replaced by 'stac' and
'clac' via a .section iteration when the feature is supported.
* Implement support for SMEP security. This prevents accidental
execution of user code from the kernel and simply requires
turning the bit on in CR4.
* Reports support in dmesg via the 'CPU Special Features Installed:'
line.
UnifiedSplitRaw