Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Processor features are not checked #6

Open
penberg opened this issue Jan 26, 2018 · 2 comments
Open

Processor features are not checked #6

penberg opened this issue Jan 26, 2018 · 2 comments

Comments

@penberg
Copy link
Owner

penberg commented Jan 26, 2018

The x86-64 bootstrap code, for example, assumes the presence of various MSRs but fails to check if the processor actually supports them or not (in particular, the "no execute" feature).

@penberg penberg added the bug label Jan 26, 2018
@penberg penberg changed the title Process features are not checked Processor features are not checked Jan 26, 2018
@tapaswenipathak
Copy link
Contributor

Hi @penberg: Can add few outlines here as well?

@penberg
Copy link
Owner Author

penberg commented Jul 25, 2019

The OS configures some CPU features, but does not check if the CPU supports them.

For example, the OS enables the no execute (MX) bit by writing to the IA32_EFER MSR. However, before we can do that, we should check if that is even supported with the CPUID instruction (see Section 5.13.1 (“Detecting and Enabling the Execute-Disable Capability”) of the Intel Architecture’s Software Developer Manual (SDM) for details).

You could, for example, have something like:

enum cpu_feature {
   CPU_FEATURE_NX,
};

bool cpu_has_feature(enum cpu_feature feature);

and simply call panic() if that NX feature is not supported before writing to IA32_EFER.

I think there are some other places too, which should check for CPU feature, so auditing the code after we have the infrastructure is needed.

tapaswenipathak added a commit to tapaswenipathak/manticore that referenced this issue Sep 1, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants