Module Name:    src
Committed By:   martin
Date:           Wed Apr 11 14:23:31 UTC 2018

Modified Files:
        src/share/man/man4 [netbsd-8]: options.4
        src/sys/arch/amd64/conf [netbsd-8]: ALL GENERIC Makefile.amd64
            files.amd64
        src/sys/arch/i386/conf [netbsd-8]: ALL GENERIC Makefile.i386 files.i386

Log Message:
Pull up following revision(s) (requested by mrg in ticket #731):
        sys/arch/i386/conf/files.i386: revision 1.392
        sys/arch/i386/conf/GENERIC: revision 1.1175
        sys/arch/i386/conf/GENERIC: revision 1.1176
        sys/arch/amd64/conf/files.amd64: revision 1.102
        sys/arch/i386/conf/GENERIC: revision 1.1177
        share/man/man4/options.4: revision 1.485 (patch)
        sys/arch/i386/conf/Makefile.i386: revision 1.190
        sys/arch/amd64/conf/GENERIC: revision 1.487
        sys/arch/amd64/conf/ALL: revision 1.85
        sys/arch/amd64/conf/GENERIC: revision 1.488
        sys/arch/amd64/conf/GENERIC: revision 1.489
        sys/arch/amd64/conf/Makefile.amd64: revision 1.67
        sys/arch/i386/conf/ALL: revision 1.437

add an SPECTRE_V2_GCC_MITIGATION option to x86 kernels, that turns
on the GCC spectre v2 mitigation options.
XXX: pullup-8.
XXX: turn on in all kernels.

actually do what the previous change said:
don't turn on the new 'SPECTRE_V2_GCC_MITIGATION' option yet.

turn on GCC spectre v2 mitigation options.
XXX: amd64 ALL doesn't build for me right now


To generate a diff of this commit:
cvs rdiff -u -r1.466 -r1.466.2.1 src/share/man/man4/options.4
cvs rdiff -u -r1.59.2.4 -r1.59.2.5 src/sys/arch/amd64/conf/ALL
cvs rdiff -u -r1.459.2.7 -r1.459.2.8 src/sys/arch/amd64/conf/GENERIC
cvs rdiff -u -r1.57 -r1.57.6.1 src/sys/arch/amd64/conf/Makefile.amd64
cvs rdiff -u -r1.88.8.2 -r1.88.8.3 src/sys/arch/amd64/conf/files.amd64
cvs rdiff -u -r1.419.2.2 -r1.419.2.3 src/sys/arch/i386/conf/ALL
cvs rdiff -u -r1.1156.2.7 -r1.1156.2.8 src/sys/arch/i386/conf/GENERIC
cvs rdiff -u -r1.185 -r1.185.10.1 src/sys/arch/i386/conf/Makefile.i386
cvs rdiff -u -r1.378.6.1 -r1.378.6.2 src/sys/arch/i386/conf/files.i386

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/share/man/man4/options.4
diff -u src/share/man/man4/options.4:1.466 src/share/man/man4/options.4:1.466.2.1
--- src/share/man/man4/options.4:1.466	Fri May 19 14:18:41 2017
+++ src/share/man/man4/options.4	Wed Apr 11 14:23:30 2018
@@ -1,4 +1,4 @@
-.\"	$NetBSD: options.4,v 1.466 2017/05/19 14:18:41 abhinav Exp $
+.\"	$NetBSD: options.4,v 1.466.2.1 2018/04/11 14:23:30 martin Exp $
 .\"
 .\" Copyright (c) 1996
 .\" 	Perry E. Metzger.  All rights reserved.
@@ -31,6 +31,7 @@
 .\"
 .\"
 .Dd March 9, 2017
+.Dd April 5, 2018
 .Dt OPTIONS 4
 .Os
 .Sh NAME
@@ -2549,6 +2550,17 @@ base memory size to prevent programs ove
 This is correct behavior, and you should not use the
 .Em REALBASEMEM
 option to access this memory).
+.It Cd options SPECTRE_V2_GCC_MITIGATION=1
+Enable GCC-specific Spectre variant 2 mitigations.
+For 32-bit kernels this means these options:
+.Bd -literal -offset indent
+-mindirect-branch=thunk -mindirect-branch-register
+.Ed
+.Pp
+For 64-bit kernels this means these options:
+.Bd -literal -offset indent
+-mindirect-branch=thunk-inline -mindirect-branch-register
+.Ed
 .It Cd options REALEXTMEM=integer
 Overrides the extended memory size passed in from the boot block.
 (Value given in kilobytes.
@@ -2786,6 +2798,7 @@ bolded
 .\" .Sh EXAMPLES
 .Sh SEE ALSO
 .Xr config 1 ,
+.Xr gcc 1 ,
 .Xr gdb 1 ,
 .Xr ktrace 1 ,
 .Xr pmc 1 ,

Index: src/sys/arch/amd64/conf/ALL
diff -u src/sys/arch/amd64/conf/ALL:1.59.2.4 src/sys/arch/amd64/conf/ALL:1.59.2.5
--- src/sys/arch/amd64/conf/ALL:1.59.2.4	Mon Apr  9 12:49:32 2018
+++ src/sys/arch/amd64/conf/ALL	Wed Apr 11 14:23:30 2018
@@ -1,4 +1,4 @@
-# $NetBSD: ALL,v 1.59.2.4 2018/04/09 12:49:32 bouyer Exp $
+# $NetBSD: ALL,v 1.59.2.5 2018/04/11 14:23:30 martin Exp $
 # From NetBSD: GENERIC,v 1.787 2006/10/01 18:37:54 bouyer Exp
 #
 # ALL machine description file
@@ -17,7 +17,7 @@ include 	"arch/amd64/conf/std.amd64"
 
 options 	INCLUDE_CONFIG_FILE	# embed config file in kernel binary
 
-#ident		"ALL-$Revision: 1.59.2.4 $"
+#ident		"ALL-$Revision: 1.59.2.5 $"
 
 maxusers	64		# estimated number of users
 
@@ -28,6 +28,8 @@ makeoptions	USE_SSP=yes
 #options 	USER_LDT	# user-settable LDT; used by WINE
 options 	X86EMU		# 386 Real Mode emulator
 #options 	PAE		# PAE mode (36 bits physical addressing)
+makeoptions	SPECTRE_V2_GCC_MITIGATION=1	# GCC Spectre variant 2
+						# migitation
 
 # CPU features
 acpicpu*	at cpu?		# ACPI CPU (including frequency scaling)

Index: src/sys/arch/amd64/conf/GENERIC
diff -u src/sys/arch/amd64/conf/GENERIC:1.459.2.7 src/sys/arch/amd64/conf/GENERIC:1.459.2.8
--- src/sys/arch/amd64/conf/GENERIC:1.459.2.7	Wed Apr  4 16:25:23 2018
+++ src/sys/arch/amd64/conf/GENERIC	Wed Apr 11 14:23:30 2018
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.459.2.7 2018/04/04 16:25:23 martin Exp $
+# $NetBSD: GENERIC,v 1.459.2.8 2018/04/11 14:23:30 martin Exp $
 #
 # GENERIC machine description file
 #
@@ -22,7 +22,7 @@ include 	"arch/amd64/conf/std.amd64"
 
 options 	INCLUDE_CONFIG_FILE	# embed config file in kernel binary
 
-#ident		"GENERIC-$Revision: 1.459.2.7 $"
+#ident		"GENERIC-$Revision: 1.459.2.8 $"
 
 maxusers	64		# estimated number of users
 
@@ -75,6 +75,8 @@ options 	SYSCTL_INCLUDE_DESCR	# Include 
 
 # CPU-related options
 options 	SVS		# Separate Virtual Space
+makeoptions	SPECTRE_V2_GCC_MITIGATION=1	# GCC Spectre variant 2
+						# migitation
 
 # CPU features
 acpicpu*	at cpu?		# ACPI CPU (including frequency scaling)

Index: src/sys/arch/amd64/conf/Makefile.amd64
diff -u src/sys/arch/amd64/conf/Makefile.amd64:1.57 src/sys/arch/amd64/conf/Makefile.amd64:1.57.6.1
--- src/sys/arch/amd64/conf/Makefile.amd64:1.57	Sat Feb 11 16:02:11 2017
+++ src/sys/arch/amd64/conf/Makefile.amd64	Wed Apr 11 14:23:30 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.amd64,v 1.57 2017/02/11 16:02:11 maxv Exp $
+#	$NetBSD: Makefile.amd64,v 1.57.6.1 2018/04/11 14:23:30 martin Exp $
 
 # Makefile for NetBSD
 #
@@ -43,6 +43,11 @@ CFLAGS+=	-msoft-float
 # For gcc we might need this, but other compilers barf
 # CFLAGS+=	-mno-fp-ret-in-387
 
+.if !empty(SPECTRE_V2_GCC_MITIGATION) && ${HAVE_GCC:U0} > 0
+CFLAGS+=      -mindirect-branch=thunk-inline
+CFLAGS+=      -mindirect-branch-register
+.endif
+
 ##
 ## (3) libkern and compat
 ##

Index: src/sys/arch/amd64/conf/files.amd64
diff -u src/sys/arch/amd64/conf/files.amd64:1.88.8.2 src/sys/arch/amd64/conf/files.amd64:1.88.8.3
--- src/sys/arch/amd64/conf/files.amd64:1.88.8.2	Wed Mar  7 14:50:57 2018
+++ src/sys/arch/amd64/conf/files.amd64	Wed Apr 11 14:23:30 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: files.amd64,v 1.88.8.2 2018/03/07 14:50:57 martin Exp $
+#	$NetBSD: files.amd64,v 1.88.8.3 2018/04/11 14:23:30 martin Exp $
 #
 # new style config file for amd64 architecture
 #
@@ -19,6 +19,9 @@ defparam opt_realmem.h	REALBASEMEM REALE
 # The PHYSMEM_MAX_{SIZE,ADDR} optionms
 defparam opt_physmem.h	PHYSMEM_MAX_ADDR PHYSMEM_MAX_SIZE
 
+# Enable GCC spectre V2 mitigation options
+defflag opt_spectre.h	SPECTRE_V2_GCC_MITIGATION
+
 #
 # XXX these are just here at the moment so that we can share files
 # with the i386 (they include the opt_*.h for these)

Index: src/sys/arch/i386/conf/ALL
diff -u src/sys/arch/i386/conf/ALL:1.419.2.2 src/sys/arch/i386/conf/ALL:1.419.2.3
--- src/sys/arch/i386/conf/ALL:1.419.2.2	Sat Sep  9 17:29:40 2017
+++ src/sys/arch/i386/conf/ALL	Wed Apr 11 14:23:30 2018
@@ -1,4 +1,4 @@
-# $NetBSD: ALL,v 1.419.2.2 2017/09/09 17:29:40 snj Exp $
+# $NetBSD: ALL,v 1.419.2.3 2018/04/11 14:23:30 martin Exp $
 # From NetBSD: GENERIC,v 1.787 2006/10/01 18:37:54 bouyer Exp
 #
 # ALL machine description file
@@ -17,7 +17,7 @@ include 	"arch/i386/conf/std.i386"
 
 options 	INCLUDE_CONFIG_FILE	# embed config file in kernel binary
 
-#ident		"ALL-$Revision: 1.419.2.2 $"
+#ident		"ALL-$Revision: 1.419.2.3 $"
 
 maxusers	64		# estimated number of users
 
@@ -28,6 +28,8 @@ options 	VM86		# virtual 8086 emulation
 options 	USER_LDT	# user-settable LDT; used by WINE
 options 	X86EMU		# 386 Real Mode emulator
 options 	PAE		# PAE mode (36 bits physical addressing)
+makeoptions	SPECTRE_V2_GCC_MITIGATION=1	# GCC Spectre variant 2
+						# migitation
 
 # CPU features
 acpicpu*	at cpu?		# ACPI CPU (including frequency scaling)

Index: src/sys/arch/i386/conf/GENERIC
diff -u src/sys/arch/i386/conf/GENERIC:1.1156.2.7 src/sys/arch/i386/conf/GENERIC:1.1156.2.8
--- src/sys/arch/i386/conf/GENERIC:1.1156.2.7	Mon Dec  4 19:47:05 2017
+++ src/sys/arch/i386/conf/GENERIC	Wed Apr 11 14:23:30 2018
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.1156.2.7 2017/12/04 19:47:05 snj Exp $
+# $NetBSD: GENERIC,v 1.1156.2.8 2018/04/11 14:23:30 martin Exp $
 #
 # GENERIC machine description file
 #
@@ -22,7 +22,7 @@ include 	"arch/i386/conf/std.i386"
 
 options 	INCLUDE_CONFIG_FILE	# embed config file in kernel binary
 
-#ident		"GENERIC-$Revision: 1.1156.2.7 $"
+#ident		"GENERIC-$Revision: 1.1156.2.8 $"
 
 maxusers	64		# estimated number of users
 
@@ -30,6 +30,8 @@ maxusers	64		# estimated number of users
 #options 	VM86		# virtual 8086 emulation
 options 	USER_LDT	# user-settable LDT; used by WINE
 #options 	PAE		# PAE mode (36 bits physical addressing)
+makeoptions	SPECTRE_V2_GCC_MITIGATION=1	# GCC Spectre variant 2
+						# migitation
 
 # CPU features
 acpicpu*	at cpu?		# ACPI CPU (including frequency scaling)

Index: src/sys/arch/i386/conf/Makefile.i386
diff -u src/sys/arch/i386/conf/Makefile.i386:1.185 src/sys/arch/i386/conf/Makefile.i386:1.185.10.1
--- src/sys/arch/i386/conf/Makefile.i386:1.185	Mon Aug 24 14:04:24 2015
+++ src/sys/arch/i386/conf/Makefile.i386	Wed Apr 11 14:23:30 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.i386,v 1.185 2015/08/24 14:04:24 uebayasi Exp $
+#	$NetBSD: Makefile.i386,v 1.185.10.1 2018/04/11 14:23:30 martin Exp $
 
 # Makefile for NetBSD
 #
@@ -39,6 +39,11 @@ CFLAGS+=	-msoft-float
 ## no-sse implies no-sse2 but not no-avx
 CFLAGS+=	-mno-mmx -mno-sse -mno-avx
 
+.if !empty(SPECTRE_V2_GCC_MITIGATION) && ${HAVE_GCC:U0} > 0
+CFLAGS+=	-mindirect-branch=thunk
+CFLAGS+=	-mindirect-branch-register
+.endif
+
 ##
 ## (3) libkern and compat
 ##

Index: src/sys/arch/i386/conf/files.i386
diff -u src/sys/arch/i386/conf/files.i386:1.378.6.1 src/sys/arch/i386/conf/files.i386:1.378.6.2
--- src/sys/arch/i386/conf/files.i386:1.378.6.1	Tue Aug  1 23:18:30 2017
+++ src/sys/arch/i386/conf/files.i386	Wed Apr 11 14:23:30 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: files.i386,v 1.378.6.1 2017/08/01 23:18:30 snj Exp $
+#	$NetBSD: files.i386,v 1.378.6.2 2018/04/11 14:23:30 martin Exp $
 #
 # new style config file for i386 architecture
 #
@@ -46,6 +46,9 @@ defparam opt_pcibios.h	PCIBIOS_IRQS_HINT
 # splraise()/spllower() debug
 defflag	opt_spldebug.h			SPLDEBUG
 
+# Enable GCC spectre V2 mitigation options
+defflag opt_spectre.h	SPECTRE_V2_GCC_MITIGATION
+
 # Beep on halt
 defflag 	opt_beep.h		BEEP_ONHALT
 defparam 	opt_beep.h		BEEP_ONHALT_COUNT=3

Reply via email to