Index: sys/amd64/amd64/elf_machdep.c =================================================================== --- sys/amd64/amd64/elf_machdep.c +++ sys/amd64/amd64/elf_machdep.c @@ -46,6 +46,7 @@ #include #include #include +void amd64_lower_shared_page(struct sysentvec *); struct sysentvec elf64_freebsd_sysvec = { .sv_size = SYS_MAXSYSCALL, @@ -84,6 +85,20 @@ }; INIT_SYSENTVEC(elf64_sysvec, &elf64_freebsd_sysvec); +void +amd64_lower_shared_page(struct sysentvec *sv) +{ + if (hw_lower_amd64_sharedpage != 0) { + sv->sv_shared_page_base -= PAGE_SIZE; + sv->sv_usrstack -= PAGE_SIZE; + sv->sv_psstrings -= PAGE_SIZE; + } +} + +SYSINIT(elf64_sysvec_fixup, SI_SUB_EXEC, SI_ORDER_FIRST, + (sysinit_cfunc_t) amd64_lower_shared_page, + &elf64_freebsd_sysvec); + static Elf64_Brandinfo freebsd_brand_info = { .brand = ELFOSABI_FREEBSD, .machine = EM_X86_64, @@ -96,7 +111,7 @@ .flags = BI_CAN_EXEC_DYN | BI_BRAND_NOTE }; -SYSINIT(elf64, SI_SUB_EXEC, SI_ORDER_FIRST, +SYSINIT(elf64, SI_SUB_EXEC, SI_ORDER_SECOND, (sysinit_cfunc_t) elf64_insert_brand_entry, &freebsd_brand_info); Index: sys/amd64/amd64/initcpu.c =================================================================== --- sys/amd64/amd64/initcpu.c +++ sys/amd64/amd64/initcpu.c @@ -48,6 +48,11 @@ static int hw_instruction_sse; SYSCTL_INT(_hw, OID_AUTO, instruction_sse, CTLFLAG_RD, &hw_instruction_sse, 0, "SIMD/MMX2 instructions available in CPU"); +static int lower_sharedpage_init; +int hw_lower_amd64_sharedpage; +SYSCTL_INT(_hw, OID_AUTO, lower_amd64_sharedpage, CTLFLAG_RDTUN, + &hw_lower_amd64_sharedpage, 0, + "Lower sharedpage to work around Ryzen issue with executing code near the top of user memory"); /* * -1: automatic (default) * 0: keep enable CLFLUSH @@ -120,6 +125,28 @@ msr = rdmsr(0xc0011020); msr |= (uint64_t)1 << 15; wrmsr(0xc0011020, msr); + } + } + + /* + * Work around a problem on Ryzen that is triggered by executing + * code near the top of user memory, in our case the signal + * trampoline code in the shared page on amd64. + * + * This function is executed once for the BSP before tunables take + * effect so the value determined here can be overridden by the + * tunable. This function is then then executed again for each AP + * and also on resume, so set a flag so that value set by the tunable + * is not overwritten. + * + * The stepping and/or microcode versions should be checked after + * this issue is fixed by AMD so that we don't use this mode if not + * needed. + */ + if (lower_sharedpage_init == 0) { + lower_sharedpage_init = 1; + if (CPUID_TO_FAMILY(cpu_id) == 0x17) { + hw_lower_amd64_sharedpage = 1; } } } Index: sys/amd64/include/md_var.h =================================================================== --- sys/amd64/include/md_var.h +++ sys/amd64/include/md_var.h @@ -34,7 +34,8 @@ #include -extern uint64_t *vm_page_dump; +extern uint64_t *vm_page_dump; +extern int hw_lower_amd64_sharedpage; struct savefpu; Index: sys/amd64/linux/linux_sysvec.c =================================================================== --- sys/amd64/linux/linux_sysvec.c +++ sys/amd64/linux/linux_sysvec.c @@ -85,6 +85,8 @@ #include #include +void amd64_lower_shared_page(struct sysentvec *); + MODULE_VERSION(linux64, 1); #if BYTE_ORDER == LITTLE_ENDIAN @@ -833,6 +835,8 @@ linux_vdso_install(void *param) { + amd64_lower_shared_page(&elf_linux_sysvec); + linux_szsigcode = (&_binary_linux_locore_o_end - &_binary_linux_locore_o_start); @@ -844,14 +848,15 @@ linux_shared_page_obj = __elfN(linux_shared_page_init) (&linux_shared_page_mapping); - __elfN(linux_vdso_reloc)(&elf_linux_sysvec, SHAREDPAGE); + __elfN(linux_vdso_reloc)(&elf_linux_sysvec, + elf_linux_sysvec.sv_shared_page_base); bcopy(elf_linux_sysvec.sv_sigcode, linux_shared_page_mapping, linux_szsigcode); elf_linux_sysvec.sv_shared_page_obj = linux_shared_page_obj; linux_kplatform = linux_shared_page_mapping + - (linux_platform - (caddr_t)SHAREDPAGE); + (linux_platform - (caddr_t)elf_linux_sysvec.sv_shared_page_base); } SYSINIT(elf_linux_vdso_init, SI_SUB_EXEC, SI_ORDER_ANY, (sysinit_cfunc_t)linux_vdso_install, NULL);