git: kernel - Flesh out Spectre mitigation support

Matthew Dillon dillon at crater.dragonflybsd.org
Tue May 8 10:01:42 PDT 2018 

commit 375bb03e4563970aee0a2a500e742732a6c8a975
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date:   Mon Apr 30 20:50:13 2018 -0700

    kernel - Flesh out Spectre mitigation support
    
    * Add handling for all modes for AMD CPUs, including support for
      IBRS_AUTO and STIBP_AUTO (always-on) bits which will be added
      to future cpus.
    
    * Add STIBP handling to Intel CPUs.  I can't find definitions for
      AUTO (always-on) modes for Intel, so those are still not supported
      (no current CPU has AUTO support yet anyway).
    
    * Current DragonFlyBSD defaults: Will enable IBRS_AUTO and STIBP_AUTO
      (always on) support by default if the cpu has it.  Will NOT enable IBRS
      or STIBP (non-auto) toggling by default.  Will not enable IBPB by default.
    
      IBPB is currently not enabled by default.  The overhead is an enormous
      ~2uS.  We will follow Linux in this regard.
    
    * Change the machdep.spectre_mitigation sysctl to take a string of
      features to enable.  Change machdep.spectre_support to display a
      string of features supported.  Possible features are:
    
      IBRS          Indirect Branch Restricted Speculation (U->K and K->U)
      STIBP         Single Thread Indirect Branch Prediction (U->K and K->U)
      IBPB          Branch Prediction Barrier (U->K)
      IBRS_AUTO     IBRS always-on (set once and forget)
      STIBP_AUTO    STIBP always-on (set once and forget)
    
      The machdep.spectre_support sysctl tells you whats available.
    
    * Refactor tr_pcb_gflags into tr_pcb_spec_ctrl[2] to make it easier
      for the assembly code to program the SPEC_CTRL MSR.
    
    * Note that some of the above bits will never be supported by current
      hardware and exist to allow future hardware to support these features
      in a less expensive manner.
    
    * Also note that for Meltdown, AMD is immune and the meltdown mitigation
      will not be enabled.  Intel is vulnerable and the mitigation will be
      enabled by default.  See sysctl machdep.meltdown_mitigation.

Summary of changes:
 sys/cpu/x86_64/include/asmacros.h     |  31 +--
 sys/cpu/x86_64/include/frame.h        |   2 +-
 sys/cpu/x86_64/include/specialreg.h   |  42 +++-
 sys/platform/pc64/include/pcb.h       |   9 +-
 sys/platform/pc64/x86_64/genassym.c   |  12 +-
 sys/platform/pc64/x86_64/machdep.c    |  44 ++--
 sys/platform/pc64/x86_64/vm_machdep.c | 438 +++++++++++++++++++++++-----------
 7 files changed, 381 insertions(+), 197 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/375bb03e4563970aee0a2a500e742732a6c8a975


-- 
DragonFly BSD source repository

More information about the Commits mailing list