CVS commit: src/sys/arch/x86

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/sys/arch/x86
From: "Taylor R Campbell" <riastradh%netbsd.org@localhost>
Date: Sat, 25 Feb 2023 13:57:37 +0000

Module Name:    src
Committed By:   riastradh
Date:           Sat Feb 25 13:57:37 UTC 2023

Modified Files:
        src/sys/arch/x86/include: cpu_extended_state.h
        src/sys/arch/x86/x86: fpu.c

Log Message:
x86: Mitigate MXCSR Configuration Dependent Timing in kernel FPU use.

In fpu_kern_enter, make sure all the MXCSR exception status bits are
set when we start using the FPU, so that instructions which exhibit
MCDT are unaffected by it.

While here, zero all the other FPU registers in fpu_kern_enter.

In principle we could skip this step on future CPUs that fix the MCDT
bug, but there's probably not much benefit -- workloads that do a lot
of crypto in the kernel are probably better off using
kthread_fpu_enter or WQ_FPU to skip the fpu_kern_enter/leave cycles
in the first place.

For details, see:
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/mxcsr-configuration-dependent-timing.html


To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 src/sys/arch/x86/include/cpu_extended_state.h
cvs rdiff -u -r1.79 -r1.80 src/sys/arch/x86/x86/fpu.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sys/arch/i386/i386
Next by Date: CVS commit: src/usr.bin/ftp
Previous by Thread: CVS commit: src/sys/arch/i386/i386
Next by Thread: CVS commit: src/usr.bin/ftp
Indexes:

Home | Main Index | Thread Index | Old Index