Supervisor Mode Access Prevention

Supervisor Mode Access Prevention (SMAP) is a feature of some CPU implementations such as the Intel Broadwell microarchitecture that allows supervisor mode programs to optionally set user-space memory mappings so that access to those mappings from supervisor mode will cause a trap. This makes it harder for malicious programs to "trick" the kernel into using instructions or data from a user-space program.^[1]^[2]

^ Corbet, Jonathan (2012-09-26). "Supervisor mode access prevention". LWN.net. Retrieved 2017-08-04.
^ Mulnix, David (2015-05-22). "Intel Xeon Processor D Product Family Technical Overview: Supervisor Mode Access Protection (SMAP) 4". Intel. Retrieved 2017-08-04.

[LWN-1] Corbet, Jonathan (2012-09-26). "Supervisor mode access prevention". LWN.net. Retrieved 2017-08-04.

[Intel-2] Mulnix, David (2015-05-22). "Intel Xeon Processor D Product Family Technical Overview: Supervisor Mode Access Protection (SMAP) 4". Intel. Retrieved 2017-08-04.

[1]

[2]