From owner-svn-src-all@freebsd.org  Fri Jan 19 15:42:36 2018
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2F576EB8D4A;
 Fri, 19 Jan 2018 15:42:36 +0000 (UTC)
 (envelope-from emaste@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 07F902AB3;
 Fri, 19 Jan 2018 15:42:36 +0000 (UTC)
 (envelope-from emaste@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 397DC76B6;
 Fri, 19 Jan 2018 15:42:35 +0000 (UTC)
 (envelope-from emaste@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w0JFgYfv070922;
 Fri, 19 Jan 2018 15:42:34 GMT (envelope-from emaste@FreeBSD.org)
Received: (from emaste@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id w0JFgY1Q070919;
 Fri, 19 Jan 2018 15:42:34 GMT (envelope-from emaste@FreeBSD.org)
Message-Id: <201801191542.w0JFgY1Q070919@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: emaste set sender to
 emaste@FreeBSD.org using -f
From: Ed Maste <emaste@FreeBSD.org>
Date: Fri, 19 Jan 2018 15:42:34 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r328166 - in head/sys: amd64/amd64 x86/include x86/x86
X-SVN-Group: head
X-SVN-Commit-Author: emaste
X-SVN-Commit-Paths: in head/sys: amd64/amd64 x86/include x86/x86
X-SVN-Commit-Revision: 328166
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jan 2018 15:42:36 -0000

Author: emaste
Date: Fri Jan 19 15:42:34 2018
New Revision: 328166
URL: https://svnweb.freebsd.org/changeset/base/328166

Log:
  Enable KPTI by default on amd64 for non-AMD CPUs
  
  Kernel Page Table Isolation (KPTI) was introduced in r328083 as a
  mitigation for the 'Meltdown' vulnerability.  AMD CPUs are not affected,
  per https://www.amd.com/en/corporate/speculative-execution:
  
      We believe AMD processors are not susceptible due to our use of
      privilege level protections within paging architecture and no
      mitigation is required.
  
  Thus default KPTI to off for AMD CPUs, and to on for others.  This may
  be refined later as we obtain more specific information on the sets of
  CPUs that are and are not affected.
  
  Submitted by:	Mitchell Horne
  Reviewed by:	cem
  Relnotes:	Yes
  Security:	CVE-2017-5754
  Sponsored by:	The FreeBSD Foundation
  Differential Revision:	https://reviews.freebsd.org/D13971

Modified:
  head/sys/amd64/amd64/machdep.c
  head/sys/x86/include/x86_var.h
  head/sys/x86/x86/identcpu.c

Modified: head/sys/amd64/amd64/machdep.c
==============================================================================
--- head/sys/amd64/amd64/machdep.c	Fri Jan 19 15:32:27 2018	(r328165)
+++ head/sys/amd64/amd64/machdep.c	Fri Jan 19 15:42:34 2018	(r328166)
@@ -1621,6 +1621,7 @@ hammer_time(u_int64_t modulep, u_int64_t physfree)
 	mtx_init(&dt_lock, "descriptor tables", NULL, MTX_DEF);
 
 	/* exceptions */
+	pti = pti_get_default();
 	TUNABLE_INT_FETCH("vm.pmap.pti", &pti);
 
 	for (x = 0; x < NIDT; x++)

Modified: head/sys/x86/include/x86_var.h
==============================================================================
--- head/sys/x86/include/x86_var.h	Fri Jan 19 15:32:27 2018	(r328165)
+++ head/sys/x86/include/x86_var.h	Fri Jan 19 15:42:34 2018	(r328166)
@@ -136,6 +136,7 @@ void	nmi_call_kdb_smp(u_int type, struct trapframe *fr
 void	nmi_handle_intr(u_int type, struct trapframe *frame);
 void	pagecopy(void *from, void *to);
 void	printcpuinfo(void);
+int	pti_get_default(void);
 int	user_dbreg_trap(void);
 int	minidumpsys(struct dumperinfo *);
 struct pcb *get_pcb_td(struct thread *td);

Modified: head/sys/x86/x86/identcpu.c
==============================================================================
--- head/sys/x86/x86/identcpu.c	Fri Jan 19 15:32:27 2018	(r328165)
+++ head/sys/x86/x86/identcpu.c	Fri Jan 19 15:42:34 2018	(r328166)
@@ -1608,6 +1608,16 @@ finishidentcpu(void)
 #endif
 }
 
+int
+pti_get_default(void)
+{
+
+	if (strcmp(cpu_vendor, AMD_VENDOR_ID) == 0)
+		return (0);
+
+	return (1);
+}
+
 static u_int
 find_cpu_vendor_id(void)
 {