From: bluhm Date: Wed, 1 Sep 2021 09:50:21 +0000 (+0000) Subject: Older AMD CPUs that do not support IBRS need an lfence after ret X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=52ac272a18b2bad8b378d56d4caa93222c6f33a1;p=openbsd Older AMD CPUs that do not support IBRS need an lfence after ret to stop speculation. This seems to be necessary when the branch predictor hits the ret for the first time. In their white paper to mitigate speculation attacks, AMD's retpoline example has an explicit lfence. Adjust our retpoline assembly macro in the kernel. OK guenther@ mortimer@ deraadt@ --- diff --git a/sys/arch/amd64/include/asm.h b/sys/arch/amd64/include/asm.h index 8097186ad04..fc575541d82 100644 --- a/sys/arch/amd64/include/asm.h +++ b/sys/arch/amd64/include/asm.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asm.h,v 1.18 2019/04/02 03:35:08 mortimer Exp $ */ +/* $OpenBSD: asm.h,v 1.19 2021/09/01 09:50:21 bluhm Exp $ */ /* $NetBSD: asm.h,v 1.2 2003/05/02 18:05:47 yamt Exp $ */ /*- @@ -193,6 +193,7 @@ jmp 68b ; \ _ALIGN_TRAPS ; \ 69: mov %reg,(%rsp) ; \ - ret + ret ; \ + lfence #endif /* !_MACHINE_ASM_H_ */