Date: Wed, 31 Jan 2018 10:08:30 -0500 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Konstantin Belousov <kib@FreeBSD.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r328625 - in head/sys: amd64/amd64 amd64/ia32 amd64/include dev/cpuctl i386/i386 x86/include x86/x86 Message-ID: <20180131150830.xjovkkavh44kkegv@mutt-hbsd> In-Reply-To: <201801311436.w0VEaRrZ030839@repo.freebsd.org> References: <201801311436.w0VEaRrZ030839@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--okxnasalwif4s3f7 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jan 31, 2018 at 02:36:27PM +0000, Konstantin Belousov wrote: > Author: kib > Date: Wed Jan 31 14:36:27 2018 > New Revision: 328625 > URL: https://svnweb.freebsd.org/changeset/base/328625 >=20 > Log: > IBRS support, AKA Spectre hardware mitigation. > =20 > It is coded according to the Intel document 336996-001, reading of the > patches posted on lkml, and some additional consultations with Intel. > =20 > For existing processors, you need a microcode update which adds IBRS > CPU features, and to manually enable it by setting the tunable/sysctl > hw.ibrs_disable to 0. Current status can be checked in sysctl > hw.ibrs_active. The mitigation might be inactive if the CPU feature > is not patched in, or if CPU reports that IBRS use is not required, by > IA32_ARCH_CAP_IBRS_ALL bit. > =20 > Sponsored by: The FreeBSD Foundation > MFC after: 1 week > Differential revision: https://reviews.freebsd.org/D14029 Hey Kostik, Thank you very much for your work on this. I'm curious why you disable IBPB for userland. Thanks, --=20 Shawn Webb Cofounder and Security Engineer HardenedBSD Tor-ified Signal: +1 443-546-8752 GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --okxnasalwif4s3f7 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEKrq2ve9q9Ia+iT2eaoRlj1JFbu4FAlpx2+oACgkQaoRlj1JF bu5ayQ//WhBuFx+pvL212qCVpw5/wjFxN+cSizCXu1vBieNPGwTDlXm659GUtcD+ DBCFcKd92gQTnVGzgnNviuIZ67o5kdKl/DEhAdqKbPNKtiLZUGkFVyzq4aVVoqnZ gD2TLLIAeAoBWtejujvXF+T6dX7zybWYWgpDTVqYPY05s6dW9ui32Lo1KOrpznrR /SjhDRz2tiM3CxPyiTwTIdzOXFlkkNc9qYWwIfgV4rKPB+UdiOWpwrgmYBXZn+Sw kS/sbexo/rsyn9iCkwoKAJyo34YZHNqHu/5c3SdDn7/NsD/gmV7EZ85zxVXVT57E GJ++WgG53SLoMTDbWZW8YrrYUZFy+vNBoYVUQvNgULIVkUJbwetXw28PoLGaDwBD zaA79T95SUGlsV36p4qCpFnUQ4pzPVxukydISBHxJ2MA+ecarwGyTRYktK2BTpJe BAlkcyRt2NYxp8lo7KQ/SGS60M7LSEwAoJGl2ZYf2DO8KfFg1g/Pgnt3NsvyWkQy IINDDw96nNpV+8vv+BlfLs0hv582MTCVToBJ/Hkm2C1RCkrdULsWZpR73Nysk3D8 +o+38fTZ5ZeqvDyUeSgEfYfZt00QYSApUVUUFA8W1MQbXFnuDso3/ptmNUaPXwBJ aOvtA/0rkplFUFMDFy8fD48NH9rtTd8kCK01hhLzi0aAYnN+3+o= =Go35 -----END PGP SIGNATURE----- --okxnasalwif4s3f7--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180131150830.xjovkkavh44kkegv>