not indicate bit 9 set, but they could have a firmware fix) but then block
a msr write to bit 9 (which disables enough AVX optimizations
to prevent the exfiltration of data), with a fault. So let's also check
the HV bit before we decide to modify the bit. hypervisors are expected
to set that bit. tested by lucas at sexy dot is.
with jsg, ok mlarkin
-/* $OpenBSD: cpu.c,v 1.172 2023/07/24 14:53:58 deraadt Exp $ */
+/* $OpenBSD: cpu.c,v 1.173 2023/07/25 04:42:00 deraadt Exp $ */
/* $NetBSD: cpu.c,v 1.1 2003/04/26 18:39:26 fvdl Exp $ */
/*-
if (msr != nmsr)
wrmsr(MSR_DE_CFG, nmsr);
}
- if (family == 0x17 && ci->ci_model >= 0x31) {
+ if (family == 0x17 && ci->ci_model >= 0x31 &&
+ (cpu_ecxfeature & CPUIDECX_HV) == 0) {
nmsr = msr = rdmsr(MSR_DE_CFG);
nmsr |= DE_CFG_SERIALIZE_9;
if (msr != nmsr)
-/* $OpenBSD: machdep.c,v 1.664 2023/07/24 14:54:00 deraadt Exp $ */
+/* $OpenBSD: machdep.c,v 1.665 2023/07/25 04:42:02 deraadt Exp $ */
/* $NetBSD: machdep.c,v 1.214 1996/11/10 03:16:17 thorpej Exp $ */
/*-
if (msr != nmsr)
wrmsr(MSR_DE_CFG, nmsr);
}
- if (family == 0x17 && ci->ci_model >= 0x31) {
+ if (family == 0x17 && ci->ci_model >= 0x31 &&
+ (cpu_ecxfeature & CPUIDECX_HV) == 0) {
nmsr = msr = rdmsr(MSR_DE_CFG);
nmsr |= DE_CFG_SERIALIZE_9;
if (msr != nmsr)
projects / openbsd / commitdiff