Module Name: src
Committed By: maxv
Date: Tue May 22 07:11:54 UTC 2018
Modified Files:
src/sys/arch/x86/include: specialreg.h
src/sys/arch/x86/x86: spectre.c x86_machdep.c
Log Message:
Mitigation for SpectreV4, based on SSBD. The following sysctl branches
are added:
machdep.spectre_v4.mitigated = {0/1} user-settable
machdep.spectre_v4.affected = {0/1} set by the kernel
The mitigation is not enabled by default yet. It is not tested either,
because no microcode update has been published yet.
On current CPUs a microcode/bios update must be applied for SSBD to be
available. The user can then set mitigated=1. Even with an update applied
the kernel will set affected=1.
On future CPUs, where the problem will presumably be fixed by default,
the CPU will report SSB_NO, and the kernel will set affected=0. In this
case we also have mitigated=0, but the mitigation is not needed.
For now the feature is system-wide. Perhaps we will want a more
fine-grained, per-process approach in the future.
To generate a diff of this commit:
cvs rdiff -u -r1.120 -r1.121 src/sys/arch/x86/include/specialreg.h
cvs rdiff -u -r1.11 -r1.12 src/sys/arch/x86/x86/spectre.c
cvs rdiff -u -r1.112 -r1.113 src/sys/arch/x86/x86/x86_machdep.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
