Source-Changes-HG archive


[src/trunk]: src/sys/arch Clarify the parameters for the SpectreV2 mitigation.



details:   https://anonhg.NetBSD.org/src/rev/5153ce884ebd
branches:  trunk
changeset: 322886:5153ce884ebd
user:      maxv <maxv%NetBSD.org@localhost>
date:      Tue May 22 08:15:26 2018 +0000

description:
Clarify the parameters for the SpectreV2 mitigation.

Add:
        machdep.spectre_v2.swmitigated
Rename:
        machdep.spectre_v2.mitigated -> machdep.spectre_v2.hwmitigated

Change the method string, to combine both the hardware and software
mitigations. swmitigated is set at compile time, hwmitigated can be
set by the user.

Examples:

        spectre_v2.swmitigated = 1
        spectre_v2.hwmitigated = 0
        spectre_v2.method = [GCC retpoline]

        spectre_v2.swmitigated = 0
        spectre_v2.hwmitigated = 0
        spectre_v2.method = (none)

        spectre_v2.swmitigated = 1
        spectre_v2.hwmitigated = 1
        spectre_v2.method = [GCC retpoline] + [Intel IBRS]

diffstat:

 sys/arch/amd64/conf/GENERIC    |   5 +++--
 sys/arch/i386/conf/GENERIC     |   5 +++--
 sys/arch/x86/x86/spectre.c     |  24 ++++++++++++++++++------
 sys/arch/x86/x86/x86_machdep.c |  22 ++++++++++++++++++----
 4 files changed, 42 insertions(+), 14 deletions(-)

diffs (162 lines):

diff -r 0c1ad0174da3 -r 5153ce884ebd sys/arch/amd64/conf/GENERIC
--- a/sys/arch/amd64/conf/GENERIC       Tue May 22 07:24:08 2018 +0000
+++ b/sys/arch/amd64/conf/GENERIC       Tue May 22 08:15:26 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.491 2018/05/15 01:53:27 thorpej Exp $
+# $NetBSD: GENERIC,v 1.492 2018/05/22 08:15:26 maxv Exp $
 #
 # GENERIC machine description file
 #
@@ -22,7 +22,7 @@
 
 options        INCLUDE_CONFIG_FILE     # embed config file in kernel binary
 
-#ident         "GENERIC-$Revision: 1.491 $"
+#ident         "GENERIC-$Revision: 1.492 $"
 
 maxusers       64              # estimated number of users
 
@@ -78,6 +78,7 @@
 options        SVS             # Separate Virtual Space
 makeoptions    SPECTRE_V2_GCC_MITIGATION=1     # GCC Spectre variant 2
                                                # migitation
+options        SPECTRE_V2_GCC_MITIGATION
 
 # CPU features
 acpicpu*       at cpu?         # ACPI CPU (including frequency scaling)
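Review bot: The added `options SPECTRE_V2_GCC_MITIGATION` line carries no comment and is not tied to the `makeoptions SPECTRE_V2_GCC_MITIGATION=1` line above it. A custom config that keeps one and drops the other would leave machdep.spectre_v2.swmitigated and the method string out of step with how the kernel was actually compiled. Presumably the makeoptions line is what selects the retpoline compiler flags, but this diff does not show that. A trailing comment such as `# reports swmitigated=1; keep in sync with the makeoptions above` would make the coupling visible to anyone trimming the config. The same applies to the identical line added in sys/arch/i386/conf/GENERIC.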
diff -r 0c1ad0174da3 -r 5153ce884ebd sys/arch/i386/conf/GENERIC
--- a/sys/arch/i386/conf/GENERIC        Tue May 22 07:24:08 2018 +0000
+++ b/sys/arch/i386/conf/GENERIC        Tue May 22 08:15:26 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.1178 2018/05/15 01:53:27 thorpej Exp $
+# $NetBSD: GENERIC,v 1.1179 2018/05/22 08:15:26 maxv Exp $
 #
 # GENERIC machine description file
 #
@@ -22,7 +22,7 @@
 
 options        INCLUDE_CONFIG_FILE     # embed config file in kernel binary
 
-#ident         "GENERIC-$Revision: 1.1178 $"
+#ident         "GENERIC-$Revision: 1.1179 $"
 
 maxusers       64              # estimated number of users
 
@@ -31,6 +31,7 @@
 #options       PAE             # PAE mode (36 bits physical addressing)
 makeoptions    SPECTRE_V2_GCC_MITIGATION=1     # GCC Spectre variant 2
                                                # migitation
+options        SPECTRE_V2_GCC_MITIGATION
 
 # CPU features
 acpicpu*       at cpu?         # ACPI CPU (including frequency scaling)
diff -r 0c1ad0174da3 -r 5153ce884ebd sys/arch/x86/x86/spectre.c
--- a/sys/arch/x86/x86/spectre.c        Tue May 22 07:24:08 2018 +0000
+++ b/sys/arch/x86/x86/spectre.c        Tue May 22 08:15:26 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: spectre.c,v 1.12 2018/05/22 07:11:53 maxv Exp $        */
+/*     $NetBSD: spectre.c,v 1.13 2018/05/22 08:15:26 maxv Exp $        */
 
 /*
  * Copyright (c) 2018 NetBSD Foundation, Inc.
@@ -34,7 +34,9 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: spectre.c,v 1.12 2018/05/22 07:11:53 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: spectre.c,v 1.13 2018/05/22 08:15:26 maxv Exp $");
+
+#include "opt_spectre.h"
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -62,22 +64,32 @@
 static void
 spec_v2_set_name(void)
 {
-       const char *name;
+       char name[64] = "";
+       size_t nmitig = 0;
+
+#if defined(SPECTRE_V2_GCC_MITIGATION)
+       strlcat(name, "[GCC retpoline]", sizeof(name));
+       nmitig++;
+#endif
 
        if (!spec_v2_mitigation_enabled) {
-               name = "(none)";
+               if (nmitig == 0)
+                       strlcat(name, "(none)", sizeof(name));
        } else {
+               if (nmitig)
+                       strlcat(name, " + ", sizeof(name));
                switch (mitigation_v2_method) {
                case MITIGATION_AMD_DIS_IND:
-                       name = "AMD DIS_IND";
+                       strlcat(name, "[AMD DIS_IND]", sizeof(name));
                        break;
                case MITIGATION_INTEL_IBRS:
-                       name = "Intel IBRS";
+                       strlcat(name, "[Intel IBRS]", sizeof(name));
                        break;
                default:
                        panic("%s: impossible", __func__);
                }
        }
+
        strlcpy(spec_v2_mitigation_name, name,
            sizeof(spec_v2_mitigation_name));
 }
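Review bot: The scratch buffer `char name[64]` is sized independently of `spec_v2_mitigation_name`, whose declaration is outside this hunk. If that destination is smaller, the final strlcpy() truncates the combined string silently and the sysctl would report a partial mitigation list. Sizing the local from the destination, `char name[sizeof(spec_v2_mitigation_name)] = "";`, keeps the two in step as more mitigations are appended; this assumes the destination is an array, as the existing sizeof use suggests. As a style point, `nmitig` is only ever compared with zero, written once as `nmitig == 0` and once as `nmitig`, so a `bool` would state the intent more directly.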
diff -r 0c1ad0174da3 -r 5153ce884ebd sys/arch/x86/x86/x86_machdep.c
--- a/sys/arch/x86/x86/x86_machdep.c    Tue May 22 07:24:08 2018 +0000
+++ b/sys/arch/x86/x86/x86_machdep.c    Tue May 22 08:15:26 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: x86_machdep.c,v 1.113 2018/05/22 07:11:53 maxv Exp $   */
+/*     $NetBSD: x86_machdep.c,v 1.114 2018/05/22 08:15:26 maxv Exp $   */
 
 /*-
  * Copyright (c) 2002, 2006, 2007 YAMAMOTO Takashi,
@@ -31,13 +31,16 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: x86_machdep.c,v 1.113 2018/05/22 07:11:53 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: x86_machdep.c,v 1.114 2018/05/22 08:15:26 maxv Exp $");
 
 #include "opt_modular.h"
 #include "opt_physmem.h"
 #include "opt_splash.h"
 #include "opt_kaslr.h"
 #include "opt_svs.h"
+#ifndef XEN
+#include "opt_spectre.h"
+#endif
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -1303,12 +1306,23 @@
                       CTL_MACHDEP, CTL_CREATE);
        sysctl_createv(clog, 0, &spec_rnode, NULL,
                       CTLFLAG_READWRITE,
-                      CTLTYPE_BOOL, "mitigated",
-                      SYSCTL_DESCR("Whether Spectre Variant 2 is mitigated"),
+                      CTLTYPE_BOOL, "hwmitigated",
+                      SYSCTL_DESCR("Whether Spectre Variant 2 is HW-mitigated"),
                       sysctl_machdep_spectreV2_mitigated, 0,
                       &spec_v2_mitigation_enabled, 0,
                       CTL_CREATE, CTL_EOL);
        sysctl_createv(clog, 0, &spec_rnode, NULL,
+                      CTLFLAG_PERMANENT | CTLFLAG_IMMEDIATE,
+                      CTLTYPE_BOOL, "swmitigated",
+                      SYSCTL_DESCR("Whether Spectre Variant 2 is SW-mitigated"),
+#if defined(SPECTRE_V2_GCC_MITIGATION)
+                      NULL, 1,
+#else
+                      NULL, 0,
+#endif
+                  NULL, 0,
+                      CTL_CREATE, CTL_EOL);
+       sysctl_createv(clog, 0, &spec_rnode, NULL,
                       CTLFLAG_PERMANENT,
                       CTLTYPE_STRING, "method",
                       SYSCTL_DESCR("Mitigation method in use"),
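Review bot: Renaming the read-write node from `mitigated` to `hwmitigated` leaves nothing under the old name, so an existing sysctl.conf entry or script that sets machdep.spectre_v2.mitigated will stop applying after the upgrade. The hardware mitigation then stays at its boot default, which is not visible in this hunk. A comment above the node, for example `/* named "mitigated" before rev 1.114; configs using the old name must be updated */`, would record the break where maintainers will see it. The handler is still called `sysctl_machdep_spectreV2_mitigated`, which no longer matches the node it serves. The `NULL, 0,` line of the new swmitigated call is indented differently from its neighbours. The enclosing function starts and ends outside the hunk.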


