xref: /illumos-gate/usr/src/uts/i86pc/ml/md_clear.S (revision dd72704bd9e794056c558153663c739e2012d721) 
1/*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source.  A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
11
12/*
13 * Copyright 2019 Joyent, Inc.
14 */
15
16#include <sys/asm_linkage.h>
17
18/*
19 * This ASM file contains various routines that are designed to flush
20 * microarchitectural buffer state as part of dealing with the
21 * microarchitectural data sampling (MDS) vulnerabilities.
22 *
23 * These are called from various points in the system ranging from interrupts,
24 * before going idle, to returning from system calls. This means the following
25 * is true about the state of the system:
26 *
27 *  o All register state is precious, we must not change register state upon
28 *    entry or return from these functions.
29 *
30 *  o %ds is valid.
31 *
32 *  o %gs is arbitrary, it may be kernel or user. You cannot rely on it.
33 *
34 *  o Interrupts should be disabled by the caller.
35 *
36 *  o %cr3 is on the kernel-side and therefore we still have access to kernel
37 *    text. In other words, we haven't switched back to the user page table.
38 *
39 *  o It is up to the caller to insure that a sufficient serializing instruction
40 *    has been executed after this to make sure any pending speculations are
41 *    captured. In general, this should be handled by the fact that callers of
42 *    this are either going to change privilege levels or halt, which makes
43 *    these operations safer.
44 */
45
46	/*
47	 * By default, x86_md_clear is disabled until the system determines that
48	 * it both needs MDS related mitigations and we have microcode that
49	 * provides the needed functionality.
50	 *
51	 * The VERW instruction clobbers flags which is why it's important that
52	 * we save and restore them here.
53	 */
54	ENTRY_NP(x86_md_clear)
55	ret
56	pushfq
57	subq	$8, %rsp
58	mov	%ds, (%rsp)
59	verw	(%rsp)
60	addq	$8, %rsp
61	popfq
62	ret
63	SET_SIZE(x86_md_clear)
64