Module Name: src Committed By: maxv Date: Tue May 14 16:59:26 UTC 2019
Modified Files: src/sys/arch/amd64/amd64: amd64_trap.S locore.S src/sys/arch/amd64/include: frameasm.h src/sys/arch/x86/include: specialreg.h src/sys/arch/x86/x86: spectre.c Log Message: Mitigation for INTEL-SA-00233: Microarchitectural Data Sampling (MDS). It requires a microcode update, now available on the Intel website. The microcode modifies the behavior of the VERW instruction, and makes it flush internal CPU buffers. We hotpatch the return-to-userland path to add VERW. Two sysctls are added: machdep.mds.mitigated = {0/1} user-settable machdep.mds.method = {string} constructed by the kernel The kernel will automatically enable the mitigation if the updated microcode is present. If the new microcode is not present, the user can load it via cpuctl, and set machdep.mds.mitigated=1. To generate a diff of this commit: cvs rdiff -u -r1.46 -r1.47 src/sys/arch/amd64/amd64/amd64_trap.S cvs rdiff -u -r1.180 -r1.181 src/sys/arch/amd64/amd64/locore.S cvs rdiff -u -r1.42 -r1.43 src/sys/arch/amd64/include/frameasm.h cvs rdiff -u -r1.143 -r1.144 src/sys/arch/x86/include/specialreg.h cvs rdiff -u -r1.26 -r1.27 src/sys/arch/x86/x86/spectre.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.