To mitigate against spectre attacks, AMD processors without the
author bluhm <bluhm@openbsd.org>
Sat, 4 Sep 2021 22:15:33 +0000 (22:15 +0000)
committer bluhm <bluhm@openbsd.org>
Sat, 4 Sep 2021 22:15:33 +0000 (22:15 +0000)
commit 3dd0809fbcf33671ef9b3771096948131e7cafab
tree 8a2387ab3017c189b16869b5edf55d71cc88f478
parent ca3d78cb52dcb4d690754a9aa872b86caa08d37d
To mitigate against spectre attacks, AMD processors without the
IBRS feature need an lfence instruction after every near ret.  Place
them after all functions in the kernel which are implemented in
assembler.  Change the retguard macro so that the end of the lfence
instruction is 16-byte aligned now.  This prevents the ret
instruction from being at the end of a 32-byte boundary.  The latter would
cause a performance impact on certain Intel processors which have
a microcode update to mitigate the jump conditional code erratum.
See software techniques for managing speculation on AMD processors
revision 9.17.20 mitigation G-5.
See Intel mitigations for jump conditional code erratum revision
1.0 November 2019 2.4 software guidance and optimization methods.
OK deraadt@ mortimer@
sys/arch/amd64/amd64/acpi_wakecode.S
sys/arch/amd64/amd64/aes_intel.S
sys/arch/amd64/amd64/copy.S
sys/arch/amd64/amd64/locore.S
sys/arch/amd64/amd64/mds.S
sys/arch/amd64/amd64/spl.S
sys/arch/amd64/amd64/vector.S
sys/arch/amd64/amd64/vmm_support.S
sys/arch/amd64/include/asm.h
sys/arch/amd64/include/profile.h
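
The alignment rule from the commit message, worked through as an added example (not code from this commit or from OpenBSD): it pads so that the end of `ret; lfence` is 16-byte aligned and audits a `ret` for a missing lfence, misalignment, or a 32-byte boundary hit. The function names, the addresses and the use of one-byte nops as padding are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { NO_LFENCE = 1, MISALIGNED = 2, JCC_HIT = 4 };
static const uint8_t RET = 0xc3, LFENCE[3] = { 0x0f, 0xae, 0xe8 };

/* Padding needed before a ret at addr so the lfence after it ends 16-byte aligned. */
static unsigned pad_before_ret(uint64_t addr)
{
	return (unsigned)((16 - ((addr + 1 + sizeof(LFENCE)) & 15)) & 15);
}

/* Nonzero if [addr, addr+len) crosses or ends on a 32-byte boundary. */
static int touches_32(uint64_t addr, unsigned len)
{
	return (addr >> 5) != ((addr + len) >> 5);
}

/* Append "pad; ret; lfence" at buf[off]; base is the address of buf[0].
 * Padding uses one-byte nops (0x90), an assumption of this example.
 * Returns the offset of the ret. */
static size_t emit_tail(uint8_t *buf, size_t off, uint64_t base)
{
	unsigned pad = pad_before_ret(base + off);
	memset(buf + off, 0x90, pad);
	buf[off + pad] = RET;
	memcpy(buf + off + pad + 1, LFENCE, sizeof(LFENCE));
	return off + pad;
}

/* Audit the ret at buf[ret_off]; returns 0 or a mask of the flags above. */
static int check_ret(const uint8_t *buf, size_t len, size_t ret_off, uint64_t base)
{
	int no_fence = ret_off + 4 > len || memcmp(buf + ret_off + 1, LFENCE, 3) != 0;
	return (no_fence ? NO_LFENCE : 0)
	     | (((base + ret_off + 4) & 15) ? MISALIGNED : 0)
	     | (touches_32(base + ret_off, 1) ? JCC_HIT : 0);
}

int main(void)
{
	uint8_t buf[64] = { 0 };
	size_t at = emit_tail(buf, 27, 0x1000);  /* constructed: body ends at 0x101b */
	printf("padded ret at %#zx, audit=%d\n", (size_t)0x1000 + at, check_ret(buf, sizeof(buf), at, 0x1000));
	buf[31] = RET;                            /* constructed: bare ret at 0x101f */
	printf("bare ret audit=%d\n", check_ret(buf, sizeof(buf), 31, 0x1000));
	return 0;
}
```

With the end of the lfence on a 16-byte boundary, the one-byte `ret` always sits at offset 12 within its 16-byte block, so it can neither cross nor end on a 32-byte boundary.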