11787 Kernel needs to be built with retpolines
11788 Kernel needs to generally use RSB stuffing
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: John Levon <john.levon@joyent.com>

@@ -169,10 +169,18 @@
         andq    $PS_ACHK, %rsi
         movq    %rsi, T_USERACC(%rax)
         call    smap_enable
 
         /*
+         * Take a moment to potentially clear the RSB buffer. This is done to
+         * prevent various Spectre variant 2 and SpectreRSB attacks. This may
+         * not be sufficient. Please see uts/intel/ia32/ml/retpoline.s for more
+         * information about this.
+         */
+        call    x86_rsb_stuff
+
+        /*
          * Save non-volatile registers, and set return address for current
          * thread to resume_return.
          *
          * %r12 = t (new thread) when done
          */

@@ -488,9 +496,9 @@
         ENTRY(thread_start)
         popq    %rax            /* start() */
         popq    %rdi            /* arg */
         popq    %rsi            /* len */
         movq    %rsp, %rbp
-        call    *%rax
+        INDIRECT_CALL_REG(rax)
         call    thread_exit     /* destroy thread if it returns. */
         /*NOTREACHED*/
         SET_SIZE(thread_start)