Kernel: Enable x86 UMIP (User Mode Instruction Prevention) if supported
This prevents code running outside of kernel mode from using the following instructions:

* SGDT - Store Global Descriptor Table
* SIDT - Store Interrupt Descriptor Table
* SLDT - Store Local Descriptor Table
* SMSW - Store Machine Status Word
* STR - Store Task Register

There's no need for userspace to be able to use these instructions so let's just disable them to prevent information leakage.
Showing 5 changed files with 23 additions and 1 deletion.
- +1 −0 Base/usr/share/man/man1/crash.md
- +2 −0 Kernel/Arch/i386/CPU.cpp
- +1 −0 Kernel/Arch/i386/CPU.h
- +8 −0 Kernel/init.cpp
- +11 −1 Userland/crash.cpp
0 comments on commit 9c0836c
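The "if supported" check and the five restricted instructions from the commit message, as an added example that is not code from this commit. The function names are hypothetical; the bit positions (CPUID leaf 7 ECX bit 2, CR4 bit 11) and opcode encodings follow the x86 architecture manuals.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#if defined(__i386__) || defined(__x86_64__)
#include <cpuid.h>
#endif

#define CPUID7_ECX_UMIP (1u << 2)   /* CPUID.(EAX=7,ECX=0):ECX bit 2 */
#define CR4_UMIP        (1u << 11)  /* CR4 bit 11 */

/* Feature test on a raw CPUID leaf 7 ECX value. */
static int umip_supported(uint32_t leaf7_ecx) {
    return (leaf7_ecx & CPUID7_ECX_UMIP) != 0;
}

/* CR4 value a kernel would write: set UMIP only when the CPU reports it,
 * because setting a reserved CR4 bit raises #GP. */
static uint32_t cr4_enable_umip(uint32_t cr4, uint32_t leaf7_ecx) {
    return umip_supported(leaf7_ecx) ? (cr4 | CR4_UMIP) : cr4;
}

/* Name the UMIP-restricted instruction at p (prefixes already skipped), or NULL. */
static const char *umip_insn(const uint8_t *p, size_t len) {
    if (len < 3 || p[0] != 0x0F) return NULL;
    unsigned mod = p[2] >> 6, reg = (p[2] >> 3) & 7;
    if (p[1] == 0x00) {                 /* group 6: register or memory form */
        if (reg == 0) return "SLDT";
        if (reg == 1) return "STR";
    } else if (p[1] == 0x01) {          /* group 7 */
        if (reg == 4) return "SMSW";    /* register or memory form */
        if (mod == 3) return NULL;      /* /0 and /1 with mod=3 are other instructions */
        if (reg == 0) return "SGDT";
        if (reg == 1) return "SIDT";
    }
    return NULL;
}

int main(void) {
#if defined(__i386__) || defined(__x86_64__)
    unsigned a, b, c, d;
    if (__get_cpuid_count(7, 0, &a, &b, &c, &d))
        printf("UMIP supported: %s\n", umip_supported(c) ? "yes" : "no");
#endif
    const uint8_t sgdt[] = {0x0F, 0x01, 0x00}; /* constructed sample: sgdt [eax] */
    printf("%s\n", umip_insn(sgdt, sizeof sgdt));
    return 0;
}
```

A classifier like `umip_insn` is useful for checking whether existing userspace binaries contain these instructions before the bit is turned on.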