artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ffea1c3) | patch
Retpolines are an anti-pattern for IBT, so we need to shift protecting
authorguenther <guenther@openbsd.org>
Mon, 12 Feb 2024 01:18:17 +0000 (01:18 +0000)
committerguenther <guenther@openbsd.org>
Mon, 12 Feb 2024 01:18:17 +0000 (01:18 +0000)
commit6cbac32f9ea2203a6cfb69c3648aeb36e7aff937
tree253b7fa0293af20dc8d65ca0bdf2dd33c60e8d7btree | snapshot
parentffea1c3a08c0a59cf461f460ad974c12812054f4commit | diff
Retpolines are an anti-pattern for IBT, so we need to shift protecting
userspace from cross-process BTI to the kernel.  Have each CPU track
the last pmap run on in userspace and the last vmm VCPU in guest-mode
and use the IBPB msr to flush predictors right before running in
userspace on a different pmap or entering guest-mode on a different
VCPU.  Codepatch-nop the userspace bits and conditionalize the vmm
bits to keep working if IBPB isn't supported.

ok deraadt@ kettenis@
sys/arch/amd64/amd64/cpu.c diff | blob | history
sys/arch/amd64/amd64/genassym.cf diff | blob | history
sys/arch/amd64/amd64/locore.S diff | blob | history
sys/arch/amd64/amd64/vector.S diff | blob | history
sys/arch/amd64/amd64/vmm_machdep.c diff | blob | history
sys/arch/amd64/include/codepatch.h diff | blob | history
sys/arch/amd64/include/cpu.h diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim