From dd1d7e22237203965bf0d8e1f8e5d9b06169e3b1 Mon Sep 17 00:00:00 2001 From: brynet Date: Tue, 24 Jul 2018 17:31:23 +0000 Subject: [PATCH] Do the same for i386 as amd64: Add "Mitigation G-2" per AMD's Whitepaper "Software Techniques for Managing Speculation on AMD Processors" By setting MSR C001_1029[1]=1, LFENCE becomes a dispatch serializing instruction. ok deraadt@ --- sys/arch/i386/i386/machdep.c | 22 +++++++++++++++++++++- sys/arch/i386/include/specialreg.h | 3 ++- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/sys/arch/i386/i386/machdep.c b/sys/arch/i386/i386/machdep.c index 350c7d65ed6..e44bc0fd544 100644 --- a/sys/arch/i386/i386/machdep.c +++ b/sys/arch/i386/i386/machdep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: machdep.c,v 1.620 2018/07/10 04:19:59 guenther Exp $ */ +/* $OpenBSD: machdep.c,v 1.621 2018/07/24 17:31:23 brynet Exp $ */ /* $NetBSD: machdep.c,v 1.214 1996/11/10 03:16:17 thorpej Exp $ */ /*- @@ -2023,6 +2023,26 @@ identifycpu(struct cpu_info *ci) printf("\n"); } + /* + * "Mitigation G-2" per AMD's Whitepaper "Software Techniques + * for Managing Speculation on AMD Processors" + * + * By setting MSR C001_1029[1]=1, LFENCE becomes a dispatch + * serializing instruction. + * + * This MSR is available on all AMD families >= 10h, except 11h + * where LFENCE is always serializing. + */ + if (!strcmp(cpu_vendor, "AuthenticAMD")) { + if (ci->ci_family >= 0x10 && ci->ci_family != 0x11) { + uint64_t msr; + + msr = rdmsr(MSR_DE_CFG); + msr |= DE_CFG_SERIALIZE_LFENCE; + wrmsr(MSR_DE_CFG, msr); + } + } + /* * Attempt to disable Silicon Debug and lock the configuration * if it's enabled and unlocked. diff --git a/sys/arch/i386/include/specialreg.h b/sys/arch/i386/include/specialreg.h index 3c5de81b402..ad4668bbb4b 100644 --- a/sys/arch/i386/include/specialreg.h +++ b/sys/arch/i386/include/specialreg.h @@ -1,4 +1,4 @@ -/* $OpenBSD: specialreg.h,v 1.66 2018/05/28 20:52:44 bluhm Exp $ */ +/* $OpenBSD: specialreg.h,v 1.67 2018/07/24 17:31:23 brynet Exp $ */ /* $NetBSD: specialreg.h,v 1.7 1994/10/27 04:16:26 cgd Exp $ */ /*- @@ -484,6 +484,7 @@ #define MSR_DE_CFG 0xc0011029 /* Decode Configuration */ #define DE_CFG_721 0x00000001 /* errata 721 */ +#define DE_CFG_SERIALIZE_LFENCE (1 << 1) /* Enable serializing lfence */ #define IPM_C1E_CMP_HLT 0x10000000 #define IPM_SMI_CMP_HLT 0x08000000 -- 2.20.1