11787 Kernel needs to be built with retpolines
11788 Kernel needs to generally use RSB stuffing
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: John Levon <john.levon@joyent.com>
*** 23,33 ****
*/
/*
* Copyright (c) 2010, Intel Corporation.
* All rights reserved.
*
! * Copyright 2018 Joyent, Inc.
*/
#include <sys/asm_linkage.h>
#include <sys/asm_misc.h>
#include <sys/regset.h>
--- 23,33 ----
*/
/*
* Copyright (c) 2010, Intel Corporation.
* All rights reserved.
*
! * Copyright 2019 Joyent, Inc.
*/
#include <sys/asm_linkage.h>
#include <sys/asm_misc.h>
#include <sys/regset.h>
*** 326,336 ****
/*
* Complete the rest of the setup and call mp_startup().
*/
movq %gs:CPU_THREAD, %rax /* get thread ptr */
! call *T_PC(%rax) /* call mp_startup_boot */
/* not reached */
int $20 /* whoops, returned somehow! */
SET_SIZE(real_mode_start_cpu)
--- 326,337 ----
/*
* Complete the rest of the setup and call mp_startup().
*/
movq %gs:CPU_THREAD, %rax /* get thread ptr */
! movq T_PC(%rax), %rax
! INDIRECT_CALL_REG(rax) /* call mp_startup_boot */
/* not reached */
int $20 /* whoops, returned somehow! */
SET_SIZE(real_mode_start_cpu)
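Review bot: The new `movq T_PC(%rax), %rax` line has no comment, and it overwrites the thread pointer that the previous instruction just loaded. This is harmless only because nothing after the call needs the pointer. A later reader would benefit from knowing why the one-instruction `call *T_PC(%rax)` was split, for example `movq T_PC(%rax), %rax /* thunk needs the target in a register */`. INDIRECT_CALL_REG is defined outside this hunk, so that wording assumes it expands to a retpoline-style thunk call, as the commit title suggests. Separately, the block comment names `mp_startup()` while the inline comment names `mp_startup_boot`; one of them should be corrected so the call target is unambiguous. The body of real_mode_start_cpu begins before this hunk.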
*** 605,614 ****
--- 606,621 ----
/*
* Jump to the stage 2 code in the rm_platter_va->rm_cpu_halt_code
*/
movw $CPUHALTCODEOFF, %ax
+ /*
+ * The following indirect call is executed as part of starting up a CPU.
+ * As such nothing else should be running on it or executing in the
+ * system such that it is a viable Spectre v2 branch target injection
+ * location. At least, in theory.
+ */
jmp *%ax
#endif /* !__GNUC_AS__ */
.globl real_mode_stop_cpu_stage1_end
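Review bot: The added comment calls `jmp *%ax` an "indirect call", but the instruction is an indirect jump. It also says the code runs while "starting up a CPU", although the visible context (`rm_cpu_halt_code`, `real_mode_stop_cpu_stage1_end`) reads like the stop/halt trampoline. I would reword the first sentence to match, for example `* The following indirect jump runs on a CPU that has been restarted only to halt it.`, if that is indeed the path. The closing "At least, in theory." leaves the residual risk unstated. It would be more useful to name the assumption being relied on: presumably that nothing else executes on this CPU while it runs this code, and that this branch is intentionally left without a retpoline. The routine containing this jump starts outside the hunk.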