| created | 2018-11-30T00:14:42Z |
|---|---|
| begin | 2018-07-23T00:00:00Z |
| end | 2018-07-24T00:00:00Z |
| path | src/sys |
| commits | 5 |
| date | 2018-07-23T17:54:04Z | |||
|---|---|---|---|---|
| author | guenther | |||
| files | src/sys/arch/amd64/amd64/locore.S | log | diff | annotate |
| src/sys/arch/amd64/include/asm.h | log | diff | annotate | |
| src/sys/arch/amd64/include/cpufunc.h | log | diff | annotate | |
| src/sys/arch/amd64/include/frameasm.h | log | diff | annotate | |
| message |
Do "Return stack refilling", based on the "Return stack underflow" discussion and its associated appendix at https://support.google.com/faqs/answer/7625886 This should address at least some cases of "SpectreRSB" and earlier Spectre variants; more commits to follow. The refilling is done in the enter-kernel-from-userspace and return-to-userspace-from-kernel paths, making sure to do it before unblocking interrupts so that a successive interrupt can't get the CPU to C code without doing this refill. Per the link above, it also does it immediately after mwait, apparently in case the low-power CPU states of idle-via-mwait flush the RSB. ok mlarkin@ deraadt@ |
|||
| date | 2018-07-23T19:13:54Z | |||
|---|---|---|---|---|
| author | patrick | |||
| files | src/sys/dev/fdt/imxiomuxc.c | log | diff | annotate |
| message |
The imxiomuxc(4) node itself can also contain a set of pins to configure. These are pins that should be configured to a sane state and are not necessarily referenced by another node. ok kettenis@ |
|||
| date | 2018-07-23T21:14:00Z | |||
|---|---|---|---|---|
| author | bluhm | |||
| files | src/sys/netinet/tcp_input.c | log | diff | annotate |
| message |
Coverity CID 1470233 complainst that the m != NULL check in syn_cache_get() is not neccessary. Also make the abort label consistent to resetandabort and free the mbuf there. OK mpi@ |
|||
| date | 2018-07-23T23:25:02Z | |||
|---|---|---|---|---|
| author | brynet | |||
| files | src/sys/arch/amd64/amd64/identcpu.c | log | diff | annotate |
| message |
Add "Mitigation G-2" per AMD's Whitepaper "Software Techniques for Managing Speculation on AMD Processors" By setting MSR C001_1029[1]=1, LFENCE becomes a dispatch serializing instruction. Tested on AMD FX-4100 "Bulldozer", and Linux guest in SVM vmd(8) ok deraadt@ mlarkin@ |
|||
| date | 2018-07-23T23:25:03Z | |||
|---|---|---|---|---|
| author | brynet | |||
| files | src/sys/arch/amd64/include/specialreg.h | log | diff | annotate |
| message |
Add "Mitigation G-2" per AMD's Whitepaper "Software Techniques for Managing Speculation on AMD Processors" By setting MSR C001_1029[1]=1, LFENCE becomes a dispatch serializing instruction. Tested on AMD FX-4100 "Bulldozer", and Linux guest in SVM vmd(8) ok deraadt@ mlarkin@ |
|||