The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=7aa47cace14948a7b8277a4b24a0ca9e0308990a
commit 7aa47cace14948a7b8277a4b24a0ca9e0308990a Author: Konstantin Belousov <[email protected]> AuthorDate: 2021-08-25 19:28:57 +0000 Commit: Konstantin Belousov <[email protected]> CommitDate: 2021-08-26 16:09:21 +0000 amd64: remove lfence after swapgs on syscall entry According to the description of SBSS issue at https://software.intel.com/content/www/us/en/develop/articles/software-security-guidance/technical-documentation/speculative-behavior-swapgs-and-segment-registers.html lfence after swapgs is needed only for the case when swapgs could be speculatively executed. Since syscall entry, unlike exception and interrupt entries, executes swapgs unconditionally, there is no opportunity for speculation. Reviewed by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D31682 --- sys/amd64/amd64/exception.S | 2 -- 1 file changed, 2 deletions(-) diff --git a/sys/amd64/amd64/exception.S b/sys/amd64/amd64/exception.S index d1e49faa40e7..6471f9a3041c 100644 --- a/sys/amd64/amd64/exception.S +++ b/sys/amd64/amd64/exception.S @@ -524,7 +524,6 @@ prot_addrf: SUPERALIGN_TEXT IDTVEC(fast_syscall_pti) swapgs - lfence cmpq $~0,PCPU(UCR3) je fast_syscall_common movq %rax,PCPU(SCRATCH_RAX) @@ -535,7 +534,6 @@ IDTVEC(fast_syscall_pti) SUPERALIGN_TEXT IDTVEC(fast_syscall) swapgs - lfence fast_syscall_common: movq %rsp,PCPU(SCRATCH_RSP) movq PCPU(RSP0),%rsp _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "[email protected]"
