From 6cf8fba381533f70d982d93a045c3cbc885bc7f3 Mon Sep 17 00:00:00 2001 From: Konstantin Belousov Date: Sat, 13 Jun 2020 18:19:42 +0000 Subject: [PATCH] procctl(2): document PROC_KPTI Reviewed by: bcr Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D25258 --- lib/libc/sys/procctl.2 | 43 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/lib/libc/sys/procctl.2 b/lib/libc/sys/procctl.2 index aa9852e32f5..67ae122dd64 100644 --- a/lib/libc/sys/procctl.2 +++ b/lib/libc/sys/procctl.2 @@ -29,7 +29,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 16, 2020 +.Dd June 13, 2020 .Dt PROCCTL 2 .Os .Sh NAME 
@@ -565,6 +565,47 @@ Stack gaps are disabled in the process after .Xr execve 2 . .El .El +.Sh x86 MACHINE-SPECIFIC REQUESTS +.Bl -tag -width PROC_KPTI_STATUS +.It Dv PROC_KPTI_CTL +AMD64 only. +Controls the Kernel Page Table Isolation (KPTI) option for the children +of the specified process. +For the command to work, the +.Va vm.pmap.kpti +tunable must be enabled on boot. +It is not possible to change the KPTI setting for a running process, +except at the +.Xr execve 2 , +where the address space is reinitialized. +.Pp +The +.Fa data +parameter must point to an integer variable containing one of the +following commands: +.Bl -tag -width PROC_KPTI_CTL_DISABLE_ON_EXEC +.It Dv PROC_KPTI_CTL_ENABLE_ON_EXEC +Enable KPTI after +.Xr execve 2 . +.It Dv PROC_KPTI_CTL_DISABLE_ON_EXEC +Disable KPTI after +.Xr execve 2 . +Only root or a process having the +.Va PRIV_IO +privilege might use this option. +.El +.It Dv PROC_KPTI_STATUS +Returns the current KPTI status for the specified process. +.Fa data must point to the integer variable, which returns the +following statuses: +.Bl -tag -width PROC_KPTI_CTL_DISABLE_ON_EXEC +.It Dv PROC_KPTI_CTL_ENABLE_ON_EXEC +.It Dv PROC_KPTI_CTL_DISABLE_ON_EXEC +.El +.Pp +The status is or-ed with the +.Va PROC_KPTI_STATUS_ACTIVE +in case KPTI is active for the current address space of the process. .Sh NOTES Disabling tracing on a process should not be considered a security feature, as it is bypassable both by the kernel and privileged processes,
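Review bot: the scope of PROC_KPTI_CTL is described inconsistently in the new section: the first sentence says it "Controls the Kernel Page Table Isolation (KPTI) option for the children of the specified process", while the following sentence says the setting only takes effect "at the execve 2, where the address space is reinitialized", i.e. for the process itself at its next exec. State plainly whether the flag applies to the calling process on its next execve(2), is inherited by children, or both, so callers know what PROC_KPTI_STATUS on a parent versus a child will report. Two mdoc points in the same hunk: ".Fa data must point to the integer variable, which returns the" puts free text on the .Fa line, so every word will be parsed as a function argument; split it the way the PROC_KPTI_CTL paragraph already does (".Fa data" on its own line, prose on the next). PRIV_IO and PROC_KPTI_STATUS_ACTIVE are constants, not variables, so they should be marked with .Dv rather than .Va, matching the .Dv used for the other PROC_KPTI_* names. "might use this option" should read "may use this option". Finally, the text says the request requires the vm.pmap.kpti tunable and that DISABLE_ON_EXEC needs PRIV_IO, but the ERRORS section is not updated for the new requests; document which errno is returned when the tunable is off, when the caller lacks the privilege, and on non-amd64 kernels.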