-/* $OpenBSD: cpu.c,v 1.179 2024/02/12 01:18:17 guenther Exp $ */
+/* $OpenBSD: cpu.c,v 1.180 2024/02/12 02:57:14 jsg Exp $ */
/* $NetBSD: cpu.c,v 1.1 2003/04/26 18:39:26 fvdl Exp $ */
/*-
{
static int replacedone = 0;
struct cpu_info *ci = &cpu_info_primary;
- int swapgs_vuln = 0, ibrs = 0, s;
+ int swapgs_vuln = 0, ibrs = 0, s, ibpb = 0;
if (strcmp(cpu_vendor, "GenuineIntel") == 0) {
int family = ci->ci_family;
} else if (ci->ci_feature_sefflags_edx & SEFF0EDX_IBRS) {
ibrs = 1;
}
+ if (ci->ci_feature_sefflags_edx & SEFF0EDX_IBRS)
+ ibpb = 1;
} else if (strcmp(cpu_vendor, "AuthenticAMD") == 0 &&
ci->ci_pnfeatset >= 0x80000008) {
if (ci->ci_feature_amdspec_ebx & CPUIDEBX_IBRS_ALWAYSON) {
(ci->ci_feature_amdspec_ebx & CPUIDEBX_IBRS_PREF)) {
ibrs = 1;
}
+ if (ci->ci_feature_amdspec_ebx & CPUIDEBX_IBPB)
+ ibpb = 1;
}
/* Enhanced IBRS: turn it on once on each CPU and don't touch again */
s = splhigh();
/* If we don't have IBRS/IBPB, then don't use IBPB */
- if ((ci->ci_feature_sefflags_edx & SEFF0EDX_IBRS) == 0)
+ if (ibpb == 0)
codepatch_nop(CPTAG_IBPB_NOP);
if (ibrs == 2 || (ci->ci_feature_sefflags_edx & SEFF0EDX_IBT)) {
-/* $OpenBSD: vmm_machdep.c,v 1.17 2024/02/12 01:18:17 guenther Exp $ */
+/* $OpenBSD: vmm_machdep.c,v 1.18 2024/02/12 02:57:14 jsg Exp $ */
/*
* Copyright (c) 2014 Mike Larkin <mlarkin@openbsd.org>
*
* then use it to prevent cross-VM branch-target injection.
*/
if (ci->ci_guest_vcpu != vcpu &&
- (ci->ci_feature_sefflags_edx & SEFF0EDX_IBRS)) {
+ (ci->ci_feature_amdspec_ebx & CPUIDEBX_IBPB)) {
wrmsr(MSR_PRED_CMD, PRED_CMD_IBPB);
ci->ci_guest_vcpu = vcpu;
}
projects / openbsd / commitdiff