From 32e93c88081d88640d1a4cdca4019c0ef7ece0a3 Mon Sep 17 00:00:00 2001
From: Andreas Kling
Date: Fri, 19 Feb 2021 18:25:28 +0100
Subject: [PATCH] Kernel: Mark write_cr0() and write_cr4() as UNMAP_AFTER_INIT
This removes a very useful tool for attackers trying to disable SMAP/SMEP/etc. :^)
---
 Kernel/Arch/i386/CPU.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Kernel/Arch/i386/CPU.cpp b/Kernel/Arch/i386/CPU.cpp
index 5030e9d654..cc34e5dc5f 100644
--- a/Kernel/Arch/i386/CPU.cpp
+++ b/Kernel/Arch/i386/CPU.cpp
@@ -720,12 +720,12 @@ void exit_trap(TrapFrame* trap)
 return Processor::current().exit_trap(*trap);
 }
-void write_cr0(u32 value)
+NEVER_INLINE UNMAP_AFTER_INIT void write_cr0(u32 value)
 {
 asm volatile("movl %%eax, %%cr0" ::"a"(value));
 }
-void write_cr4(u32 value)
+NEVER_INLINE UNMAP_AFTER_INIT void write_cr4(u32 value)
 {
 asm volatile("movl %%eax, %%cr4" ::"a"(value));
 }
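Review bot: The new `NEVER_INLINE UNMAP_AFTER_INIT` annotations on write_cr0() and write_cr4() impose a contract that nothing at the definitions records: once init finishes these functions no longer exist, so every caller must itself be init-only. The callers are outside this hunk, so it is worth confirming that no path which runs after unmapping (for example a later CPU feature toggle, if one exists) still calls them, since that would fault instead of writing the register. NEVER_INLINE is also load-bearing here, presumably to stop the `movl %%eax, %%cr0` / `%%cr4` instruction from being copied into a caller that stays mapped, and a future cleanup could drop it without realising that. I would add one comment above both definitions, such as `// Init-only: unmapped after boot so no CR0/CR4 write sequence remains in kernel text. Must stay NEVER_INLINE; callers must be UNMAP_AFTER_INIT too.` The hardening only covers these two out-of-line helpers, so any other inline asm in the kernel that writes CR0 or CR4 would need the same treatment.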