artulab
projects / openbsd / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 80ce14b)
On CPUs that support the Data Independent Timing feature, enable this feature
authorkettenis <kettenis@openbsd.org>
Tue, 4 Oct 2022 19:41:21 +0000 (19:41 +0000)
committerkettenis <kettenis@openbsd.org>
Tue, 4 Oct 2022 19:41:21 +0000 (19:41 +0000)
by default in both the kernel and userland.  At this point, this feature has
only been seen on Apple's CPU cores, where turning it on has no measurable
impact on performance.  Turning this feature on should help to mitigate
timing side-channel attacks.

ok deraadt@, beck@

sys/arch/arm64/arm64/cpu.c patch | blob | history
sys/arch/arm64/arm64/machdep.c patch | blob | history

diff --git a/sys/arch/arm64/arm64/cpu.c b/sys/arch/arm64/arm64/cpu.c
index aa60b20..bb8e82e 100644 (file)
--- a/sys/arch/arm64/arm64/cpu.c
+++ b/sys/arch/arm64/arm64/cpu.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: cpu.c,v 1.70 2022/09/15 01:57:52 jsg Exp $    */
+/*     $OpenBSD: cpu.c,v 1.71 2022/10/04 19:41:21 kettenis Exp $       */
 
 /*
  * Copyright (c) 2016 Dale Rahn <drahn@dalerahn.com>
@@ -756,6 +756,7 @@ void
 cpu_init(void)
 {
        uint64_t id_aa64mmfr1, sctlr;
+       uint64_t id_aa64pfr0;
        uint64_t tcr;
 
        WRITE_SPECIALREG(ttbr0_el1, pmap_kernel()->pm_pt0pa);
@@ -775,6 +776,11 @@ cpu_init(void)
                WRITE_SPECIALREG(sctlr_el1, sctlr);
        }
 
+       /* Enable DIT. */
+       id_aa64pfr0 = READ_SPECIALREG(id_aa64pfr0_el1);
+       if (ID_AA64PFR0_DIT(id_aa64pfr0) >= ID_AA64PFR0_DIT_IMPL)
+               __asm volatile (".arch armv8.4-a; msr dit, #1");
+
        /* Initialize debug registers. */
        WRITE_SPECIALREG(mdscr_el1, DBG_MDSCR_TDCC);
        WRITE_SPECIALREG(oslar_el1, 0);
diff --git a/sys/arch/arm64/arm64/machdep.c b/sys/arch/arm64/arm64/machdep.c
index 01c25ad..6a1ad68 100644 (file)
--- a/sys/arch/arm64/arm64/machdep.c
+++ b/sys/arch/arm64/arm64/machdep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: machdep.c,v 1.73 2022/10/03 19:32:22 kettenis Exp $ */
+/* $OpenBSD: machdep.c,v 1.74 2022/10/04 19:41:21 kettenis Exp $ */
 /*
  * Copyright (c) 2014 Patrick Wildt <patrick@blueri.se>
  * Copyright (c) 2021 Mark Kettenis <kettenis@openbsd.org>
@@ -433,7 +433,7 @@ setregs(struct proc *p, struct exec_package *pack, u_long stack,
        tf->tf_sp = stack;
        tf->tf_lr = pack->ep_entry;
        tf->tf_elr = pack->ep_entry; /* ??? */
-       tf->tf_spsr = PSR_M_EL0t;
+       tf->tf_spsr = PSR_M_EL0t | PSR_DIT;
 
        retval[1] = 0;
 }
OpenBSD src
by Ahmet Artu Yildirim