| created | 2024-02-19T02:27:35Z |
|---|---|
| begin | 2024-02-12T00:00:00Z |
| end | 2024-02-12T01:18:17Z |
| path | src/sys |
| commits | 1 |
| date | 2024-02-12T01:18:17Z | |||
|---|---|---|---|---|
| author | guenther | |||
| files | src/sys/arch/amd64/amd64/cpu.c | log | diff | annotate |
| src/sys/arch/amd64/amd64/genassym.cf | log | diff | annotate | |
| src/sys/arch/amd64/amd64/locore.S | log | diff | annotate | |
| src/sys/arch/amd64/amd64/vector.S | log | diff | annotate | |
| src/sys/arch/amd64/amd64/vmm_machdep.c | log | diff | annotate | |
| src/sys/arch/amd64/include/codepatch.h | log | diff | annotate | |
| src/sys/arch/amd64/include/cpu.h | log | diff | annotate | |
| message |
Retpolines are an anti-pattern for IBT, so we need to shift protecting userspace from cross-process BTI to the kernel. Have each CPU track the last pmap run on in userspace and the last vmm VCPU in guest-mode and use the IBPB msr to flush predictors right before running in userspace on a different pmap or entering guest-mode on a different VCPU. Codepatch-nop the userspace bits and conditionalize the vmm bits to keep working if IBPB isn't supported. ok deraadt@ kettenis@ |
|||