diff options
| author | Andreas Kling <awesomekling@gmail.com> | 2020-01-01 18:18:02 +0100 |
|---|---|---|
| committer | Andreas Kling <awesomekling@gmail.com> | 2020-01-01 18:22:20 +0100 |
| commit | 38f93ef13b6a2c111c4c99de5c21ccc2d7b90fda (patch) | |
| tree | 4fdc1cdf0d6a12a715e90d59a3389decd5c39025 /Kernel | |
| parent | dfd759f75a76e6827ba4ad26b05da0aa1b14b3e4 (diff) | |
| download | serenity-38f93ef13b6a2c111c4c99de5c21ccc2d7b90fda.zip | |
Kernel: Disable x86 RDTSC instruction in userspace
It's still possible to read the TSC via the read_tsc() syscall, but we
will now clear some of the bottom bits for unprivileged users.
Diffstat (limited to 'Kernel')
| -rw-r--r-- | Kernel/Arch/i386/CPU.cpp | 2 | ||||
| -rw-r--r-- | Kernel/Arch/i386/CPU.h | 1 | ||||
| -rw-r--r-- | Kernel/Process.cpp | 2 | ||||
| -rw-r--r-- | Kernel/init.cpp | 8 |
4 files changed, 13 insertions, 0 deletions
diff --git a/Kernel/Arch/i386/CPU.cpp b/Kernel/Arch/i386/CPU.cpp index cabb15d40f..acb08e19ed 100644 --- a/Kernel/Arch/i386/CPU.cpp +++ b/Kernel/Arch/i386/CPU.cpp @@ -526,6 +526,7 @@ bool g_cpu_supports_pae; bool g_cpu_supports_pge; bool g_cpu_supports_smep; bool g_cpu_supports_sse; +bool g_cpu_supports_tsc; bool g_cpu_supports_umip; void detect_cpu_features() @@ -534,6 +535,7 @@ void detect_cpu_features() g_cpu_supports_pae = (processor_info.edx() & (1 << 6)); g_cpu_supports_pge = (processor_info.edx() & (1 << 13)); g_cpu_supports_sse = (processor_info.edx() & (1 << 25)); + g_cpu_supports_tsc = (processor_info.edx() & (1 << 4)); CPUID extended_processor_info(0x80000001); g_cpu_supports_nx = (extended_processor_info.edx() & (1 << 20)); diff --git a/Kernel/Arch/i386/CPU.h b/Kernel/Arch/i386/CPU.h index 2fa2136a1f..c1980f0da4 100644 --- a/Kernel/Arch/i386/CPU.h +++ b/Kernel/Arch/i386/CPU.h @@ -513,4 +513,5 @@ extern bool g_cpu_supports_pae; extern bool g_cpu_supports_pge; extern bool g_cpu_supports_smep; extern bool g_cpu_supports_sse; +extern bool g_cpu_supports_tsc; extern bool g_cpu_supports_umip; diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp index 0dd13da90c..7c5a834fc9 100644 --- a/Kernel/Process.cpp +++ b/Kernel/Process.cpp @@ -2452,6 +2452,8 @@ int Process::sys$read_tsc(u32* lsw, u32* msw) if (!validate_write_typed(msw)) return -EFAULT; read_tsc(*lsw, *msw); + if (!is_superuser()) + *lsw &= ~0xfff; return 0; } diff --git a/Kernel/init.cpp b/Kernel/init.cpp index 6cb9dbe598..01ce09a943 100644 --- a/Kernel/init.cpp +++ b/Kernel/init.cpp @@ -266,6 +266,14 @@ extern "C" [[noreturn]] void init(u32 physical_address_for_kernel_page_tables) kprintf("x86: UMIP support enabled\n"); } + if (g_cpu_supports_tsc) { + asm volatile( + "mov %cr4, %eax\n" + "orl $0x4, %eax\n" + "mov %eax, %cr4\n"); + kprintf("x86: RDTSC support restricted\n"); + } + RTC::initialize(); PIC::initialize(); gdt_init(); |