a36b6ec0f9
Similarly as we already do for arm64, for mitigation is necessary to flush branch predictor when we: - do task switch - receive prefetch abort on non-userspace address The user can disable this mitigation by setting 'machdep.disable_bp_hardening' sysctl variable, or it can check actual system status by reading 'machdep.spectre_v2_safe' The situation is complicated by fact that: - for Cortex-A8, the BPIALL instruction is effectively NOP until the IBE bit in ACTLR is set. - for Cortex-A15, the BPIALL is always NOP. The branch predictor can be only flushed by doing ICIALLU with special bit (Enable invalidates of BTB) set in ACTLR. Since access to the ACTLR register is locked to secure monitor/firmware on most boards, they will also need update of firmware / U-boot. In worst case, when secure monitor is on-chip ROM (e.g. PandaBoard), the board is unfixable. MFC after: 2 weeks Reviewed by: imp, emaste Differential Revision: https://reviews.freebsd.org/D13931