| #
a97a42d9 |
| 10-Jan-2018 |
kettenis <kettenis@openbsd.org> |
Implement FUCKWIT for arm64; unmap the kernel almost entirely while userland
is running. This provides protection against meltown on cores that are
vilnerable (just Cortex-A75 so far) but also seems
Implement FUCKWIT for arm64; unmap the kernel almost entirely while userland
is running. This provides protection against meltown on cores that are
vilnerable (just Cortex-A75 so far) but also seems to be an essential to
protect against spectre-like attacks against the kernel.
This implementation only exposes a single treampoline page that does not
contain any kernel virtual addresses and also hides the real virtual address
of the exception vectors, which helps on cores vulnerable to "variant 3a"
(Cortex-A57, Cortex-A72). The implementation is inspired by the work done
by Will Deacon for Linux, but there are no knobs to turn it off. The
overhead is fairly limited: around 3-4% slowdown on Cortex-A57.
ok patrick@, deraadt@
show more ...
|
| #
b37186f0 |
| 24-Mar-2017 |
kettenis <kettenis@openbsd.org> |
Simplify ASID allocation code considerably by allocating an ASID up front
when a pmap is created and freeing it when the pmap is destroyed. This
diff relies on the fill 16-bit ASID space being imple
Simplify ASID allocation code considerably by allocating an ASID up front
when a pmap is created and freeing it when the pmap is destroyed. This
diff relies on the fill 16-bit ASID space being implemented in the processor.
While this is documented as an optional feature in the ARMv8 architecture
reference manual, all ARMv8 processors seen in the wild so far implement
the full 16-bit space. This change incorporates changes by drahn@ to
allocate an empty page table for the lower half of the address space for the
kernel.
ok drahn@, patrick@
show more ...
|
| #
4726b7e0 |
| 06-Feb-2017 |
patrick <patrick@openbsd.org> |
Move cache and tlb flush functions, which were mostly inline assembly,
into separate functions. This makes them reusable from other parts in
the kernel. Assembly and header are taken from FreeBSD,
Move cache and tlb flush functions, which were mostly inline assembly,
into separate functions. This makes them reusable from other parts in
the kernel. Assembly and header are taken from FreeBSD, but modified
to fit our requirements and with some unnecessary stuff removed. While
there remove micro optimization for uniprocessor kernels.
show more ...
|