11859 need swapgs mitigation
Reviewed by: Robert Mustacchi <rm@fingolfin.org>
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Robert Mustacchi <rm@fingolfin.org>

@@ -21,11 +21,11 @@
 
 /*
  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  *
- * Copyright 2018 Joyent, Inc.
+ * Copyright 2019 Joyent, Inc.
  */
 
 /*
  * Debugger entry and exit for both master and slave CPUs. kdi_idthdl.s contains
  * the IDT stubs that drop into here (mainly via kdi_cmnint).

@@ -269,10 +269,13 @@
          * done a swapgs.  All is not lost, as the kernel can divine the correct
          * value for us.  Note that the previous GSBASE is saved in the
          * KDI_SAVE_REGS macro to prevent a usermode process's GSBASE from being
          * blown away.  On the hypervisor, we don't need to do this, since it's
          * ensured we're on our requested kernel GSBASE already.
+         *
+         * No need to worry about swapgs speculation here as it's unconditional
+         * and via wrmsr anyway.
          */
         subq    $10, %rsp
         sgdt    (%rsp)
         movq    2(%rsp), %rdi   /* gdt base now in %rdi */
         addq    $10, %rsp