BTW Maxime, I've updated https://en.wikipedia.org/wiki/Supervisor_Mode_Access_Prevention to note your work on NetBSD support for SMAP and SMEP. Would it be feasible to get SMAP support pulled up to netbsd-8 by chance?
The AMD Epyc processors support SMEP/SMAP as well, hopefully this will eventually trickle down to their consumer lines like Ryzen too. I really hope this huge security cpu bug by Intel for Meltdown will help propel AMD into being a viable competitor. Jaromir 2018-01-07 11:05 GMT+01:00 Maxime Villard <[email protected]>: > Le 06/01/2018 à 16:03, [email protected] a écrit : > >> Runtime detection and configuration is desired as the >> Linux did, rather than fixed compile-time option. >> > > It would be nice, but it is more complicated than it seems. We would have > to hotpatch the entry points, and to do that we need a way to hotpatch > macros, > and right now we don't have that. It would also be useful for SMAP. >
