
Enable KPTI by default on amd64 for non-AMD CPUs

Description

Enable KPTI by default on amd64 for non-AMD CPUs

Kernel Page Table Isolation (KPTI) was introduced in r328083 as a
mitigation for the 'Meltdown' vulnerability. AMD CPUs are not affected,
per https://www.amd.com/en/corporate/speculative-execution:

We believe AMD processors are not susceptible due to our use of
privilege level protections within paging architecture and no
mitigation is required.

Thus default KPTI to off for AMD CPUs, and to on for others. This may
be refined later as we obtain more specific information on the sets of
CPUs that are and are not affected.

Submitted by: Mitchell Horne
Reviewed by: cem
Relnotes: Yes
Security: CVE-2017-5754
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D13971
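The policy described above (KPTI off for AMD, on for every other vendor) can be audited on a running system. The script below is an added example, not part of this FreeBSD commit or its review; it assumes the amd64 kernel exposes the enabled state through the read-only sysctl `vm.pmap.pti` (1 = enabled, overridable as a loader tunable in /boot/loader.conf) and derives the CPU vendor heuristically from the `hw.model` string. The sample model strings in the fallback branch are constructed for illustration.

```shell
#!/bin/sh
# Added audit helper (not part of the FreeBSD commit). Checks whether the
# running kernel's KPTI state matches the default policy this commit sets:
# off for AMD CPUs, on for everything else. Assumes the read-only sysctl
# vm.pmap.pti (1 = enabled) and derives the vendor from hw.model.

# expected_pti VENDOR -> prints 0 for AMD, 1 for any other vendor
expected_pti() {
    case "$1" in
        AuthenticAMD|AMD*) echo 0 ;;
        *) echo 1 ;;
    esac
}

# vendor_from_model MODEL_STRING -> best-effort vendor label from hw.model
vendor_from_model() {
    case "$1" in
        *AMD*) echo AuthenticAMD ;;
        *Intel*) echo GenuineIntel ;;
        *) echo unknown ;;
    esac
}

# audit_pti MODEL PTI_VALUE -> prints a verdict; returns 0 only when the
# observed vm.pmap.pti value matches the vendor-based default policy.
audit_pti() {
    model=$1
    pti=$2
    vendor=$(vendor_from_model "$model")
    want=$(expected_pti "$vendor")
    if [ "$pti" = "$want" ]; then
        echo "ok: vendor=$vendor vm.pmap.pti=$pti matches default policy"
        return 0
    fi
    echo "mismatch: vendor=$vendor vm.pmap.pti=$pti expected=$want (check vm.pmap.pti in /boot/loader.conf)"
    return 1
}

# Live check on FreeBSD; elsewhere fall back to constructed sample values.
if [ "$(uname -s 2>/dev/null)" = "FreeBSD" ] && pti_now=$(sysctl -n vm.pmap.pti 2>/dev/null); then
    audit_pti "$(sysctl -n hw.model)" "$pti_now" || true
else
    # Constructed samples: an Intel part with KPTI off (flagged) and an AMD part with KPTI off (ok)
    audit_pti "Intel(R) Xeon(R) CPU E5-2650 v4" 0 || true
    audit_pti "AMD EPYC 7401P" 0 || true
fi
```

A mismatch on a non-AMD CPU usually means someone set `vm.pmap.pti=0` in loader.conf; a mismatch on AMD just means the tunable was forced on, which costs performance but is not a security regression.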

Details

Provenance: emaste
Authored on:
Reviewer: cem
Differential Revision: D13971: Enable PTI by default for Intel
Parents: rS328165: Revert ABI breakage to CAM that came in with MMC/SD support in r320844.
Branches: Unknown
Tags: Unknown