freebsd-skq/sys/amd64/include
Konstantin Belousov 90e35b0a98 amd64: prevents speculations over swapgs reload of %gs base.
Such speculations could use user-controlled %gs base, esp. since
FreeBSD supports WRGSBASE instructions.

Place LFENCEs on entry for each basic block after the test for
previous kernel/user mode on the kernel entry, which prevents the
speculation.  Code accesses %gs-based PCPU before any serialization
instructions are executed, like %cr3 reload for KPTI.

With pti disabled, on haswell i7-4770S machine, "syscall_timings getppid"
shows when no lfence is added to syscall path:
test	loop	time	iterations	periteration
getppid	0	1.040918865	4643611	0.000000224
getppid	1	1.004985962	4481816	0.000000224
getppid	2	1.005196483	4482363	0.000000224
with lfence:
getppid	0	1.043701091	4554779	0.000000229
getppid	1	1.016930328	4438094	0.000000229
getppid	2	1.023223117	4466640	0.000000229
and ministat reports 'No difference proven at 95.0% confidence.'

Security:	CVE-2019-1125
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-08-06 16:53:25 +00:00
..
pc sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
xen
_align.h
_bus.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
_inttypes.h
_limits.h
_stdint.h
_types.h
acpica_machdep.h
apm_bios.h
asm.h Remove lint support from system headers and MD x86 headers. 2017-11-23 11:40:16 +00:00
asmacros.h amd64: prevents speculations over swapgs reload of %gs base. 2019-08-06 16:53:25 +00:00
atomic.h Make sure kernel modules built by default are portable between UP and 2018-07-06 10:13:42 +00:00
bus_dma.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
bus.h
clock.h re-synchronize TSC-s on SMP systems after resume, if necessary 2018-05-25 07:33:20 +00:00
counter.h Expand x86 struct pcpus to UMA_PCPU_ALLOC_SIZE AKA PAGE_SIZE. 2018-07-06 19:50:44 +00:00
cpu.h Add a custom implementation of cpu_lock_delay() for x86. 2018-11-05 22:54:03 +00:00
cpufunc.h Provide convenience C wrappers for RDPKRU and WRPKRU instructions. 2019-02-19 19:17:20 +00:00
cputypes.h
db_machdep.h Cleanups related to debug exceptions on x86. 2018-05-22 00:45:00 +00:00
dump.h
efi.h amd64 ef_rt_arch_call: Preserve %rflags around call into EFI RT service. 2019-06-03 15:32:42 +00:00
elf.h
endian.h
exec.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
fdt.h
float.h
floatingpoint.h spdx: initial adoption of licensing ID tags. 2017-11-18 14:26:50 +00:00
fpu.h Remove unused error return from API that cannot fail 2018-02-23 20:15:19 +00:00
frame.h PTI for amd64. 2018-01-17 11:44:21 +00:00
gdb_machdep.h amd64: Protect the kernel text, data, and BSS by setting the RW/NX bits 2018-03-06 14:28:37 +00:00
ieeefp.h Resolve conflicts between macros in fenv.h and ieeefp.h 2018-05-31 20:22:47 +00:00
in_cksum.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
intr_machdep.h Drop "All rights reserved" from my copyright statements. 2019-03-06 22:11:45 +00:00
iodev.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
kdb.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
limits.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
md_var.h Add pci_early function to detect Intel stolen memory. 2018-10-31 23:17:00 +00:00
memdev.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
metadata.h
minidump.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
mp_watchdog.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
nexusvar.h
npx.h
ofw_machdep.h
param.h spdx: initial adoption of licensing ID tags. 2017-11-18 14:26:50 +00:00
pcb.h PTI: Trap if we returned to userspace with kernel (full) page table 2018-01-19 22:10:29 +00:00
pci_cfgreg.h
pcpu.h Mitigations for Microarchitectural Data Sampling. 2019-05-14 17:02:20 +00:00
pmap.h Correct definition for PGEX_SGX. 2019-06-08 20:26:04 +00:00
pmc_mdep.h hwpmc: ABI fixes 2018-06-04 02:05:48 +00:00
ppireg.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
proc.h amd64 pmap: rework delayed invalidation, removing global mutex. 2019-05-16 13:28:48 +00:00
procctl.h amd64 KPTI: add control from procctl(2). 2019-03-16 11:44:33 +00:00
profile.h Fix high resolution kernel profiling just enough to not crash at boot 2018-06-02 05:48:44 +00:00
psl.h
ptrace.h
pvclock.h
reg.h
reloc.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
resource.h
runq.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
segments.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
setjmp.h
sf_buf.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
sgx.h Add support for Intel Software Guard Extensions (Intel SGX). 2017-08-16 10:38:06 +00:00
sgxreg.h Add support for Intel Software Guard Extensions (Intel SGX). 2017-08-16 10:38:06 +00:00
sigframe.h
signal.h
smp.h x86: improve reservation of AP trampoline memory 2018-04-05 14:39:51 +00:00
specialreg.h
stack.h
stdarg.h
sysarch.h
timerreg.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
trap.h
tss.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ucontext.h
vdso.h
vm.h sys/amd64: further adoption of SPDX licensing ID tags. 2017-11-27 15:03:07 +00:00
vmm_dev.h Tie the name limit of a VM to SPECNAMELEN from devfs instead of a 2019-07-12 18:37:56 +00:00
vmm_instruction_emul.h Add a new variant of the GLA2GPA ioctl for use by the debug server. 2018-02-26 19:19:05 +00:00
vmm.h vmx: use C99 bool, not boolean_t 2019-08-01 02:16:48 +00:00
vmparam.h Provide pmap_large_map() KPI on amd64. 2018-10-16 17:28:10 +00:00