Changeset View
Standalone View
sys/amd64/amd64/machdep.c
| Show First 20 Lines • Show All 1,773 Lines • ▼ Show 20 Lines | if (preload_search_info(kmdp, MODINFO_METADATA | MODINFOMD_EFI_MAP) | ||||
| != NULL) | != NULL) | ||||
| vty_set_preferred(VTY_VT); | vty_set_preferred(VTY_VT); | ||||
| TUNABLE_INT_FETCH("hw.ibrs_disable", &hw_ibrs_disable); | TUNABLE_INT_FETCH("hw.ibrs_disable", &hw_ibrs_disable); | ||||
| TUNABLE_INT_FETCH("hw.spec_store_bypass_disable", &hw_ssb_disable); | TUNABLE_INT_FETCH("hw.spec_store_bypass_disable", &hw_ssb_disable); | ||||
| TUNABLE_INT_FETCH("machdep.syscall_ret_l1d_flush", | TUNABLE_INT_FETCH("machdep.syscall_ret_l1d_flush", | ||||
| &syscall_ret_l1d_flush_mode); | &syscall_ret_l1d_flush_mode); | ||||
| TUNABLE_INT_FETCH("hw.mds_disable", &hw_mds_disable); | TUNABLE_INT_FETCH("hw.mds_disable", &hw_mds_disable); | ||||
| TUNABLE_INT_FETCH("hw.tsx_disable", &hw_tsx_disable); | |||||
kib: This fetch must be done early enough so it must occur in hammer_time(). | |||||
emasteUnsubmitted Not Done Inline Actionswe should really use positive sense sysctls emaste: we should really use positive sense sysctls | |||||
scottlAuthorUnsubmitted Done Inline ActionsAgreed, but I propose that we do a sweep and rename all of the nearby and related knobs. For now, hw.tsx_disable is consistent with the others, which I think it important. scottl: Agreed, but I propose that we do a sweep and rename all of the nearby and related knobs. For… | |||||
emasteUnsubmitted Not Done Inline ActionsIt's not exactly, because mds_disable is actually enabling a workaround - we could rename it mds_workaround_enable and the values the user sets it to do not change. If tsx_disable becomes tsx_enable the setting also has to change. emaste: It's not exactly, because mds_disable is actually enabling a workaround - we could rename it… | |||||
scottphUnsubmitted Not Done Inline ActionsI think the name here needs to be changed to taa_disable. The intention is to mitigate the TSX Async Abort vulnerability, not necessarily just general purpose TSX feature control. scottph: I think the name here needs to be changed to `taa_disable`. The intention is to mitigate the… | |||||
emasteUnsubmitted Not Done Inline ActionsIndeed, but is it not usable as a general TSX disable control? I.e., if in the future another problem is found with TSX we could still use this to turn it off? emaste: Indeed, but is it not usable as a general TSX disable control? I.e., if in the future another… | |||||
scottlAuthorUnsubmitted Done Inline Actionshw.x86.mitigations.taa is my proposal. 0 = no mitigation, 1 = TSX-disable, 2 = VERW, 3 = auto scottl: `hw.x86.mitigations.taa` is my proposal. 0 = no mitigation, 1 = TSX-disable, 2 = VERW, 3 = auto | |||||
| finishidentcpu(); /* Final stage of CPU initialization */ | finishidentcpu(); /* Final stage of CPU initialization */ | ||||
| initializecpu(); /* Initialize CPU registers */ | initializecpu(); /* Initialize CPU registers */ | ||||
| amd64_bsp_ist_init(pc); | amd64_bsp_ist_init(pc); | ||||
| /* Set the IO permission bitmap (empty due to tss seg limit) */ | /* Set the IO permission bitmap (empty due to tss seg limit) */ | ||||
| pc->pc_common_tss.tss_iobase = sizeof(struct amd64tss) + | pc->pc_common_tss.tss_iobase = sizeof(struct amd64tss) + | ||||
| ▲ Show 20 Lines • Show All 970 Lines • Show Last 20 Lines | |||||
This fetch must be done early enough so it must occur in hammer_time().