]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cd6b804) | patch
amd64: Add a knob to flush RSB on context switches if machine has SMEP.
authorkib <kib@FreeBSD.org>
Wed, 20 May 2020 22:00:31 +0000 (22:00 +0000)
committerkib <kib@FreeBSD.org>
Wed, 20 May 2020 22:00:31 +0000 (22:00 +0000)
commit7265cef26798498ab38d2f1fd3b2838869fd984c
tree12885f0da31dee86267da5c31b891a944e6bd4c1tree | snapshot
parentcd6b8047ff6c3835cbca6f2ec432a92646f0bbcacommit | diff
amd64: Add a knob to flush RSB on context switches if machine has SMEP.

The flush is needed to prevent cross-process ret2spec, which is not handled
on kernel entry if IBPB is enabled but SMEP is present.
While there, add i386 RSB flush.

Reported by: Anthony Steinhauser <asteinhauser@google.com>
Reviewed by: markj, Anthony Steinhauser
Discussed with: philip
admbugs: 961
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
share/man/man7/security.7 diff | blob | history
sys/amd64/amd64/cpu_switch.S diff | blob | history
sys/amd64/amd64/initcpu.c diff | blob | history
sys/amd64/amd64/support.S diff | blob | history
sys/i386/i386/support.s diff | blob | history
sys/x86/include/x86_var.h diff | blob | history
sys/x86/x86/cpu_machdep.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.