diff options
author | Ian Moffett <ian@osmora.org> | 2024-12-20 04:04:04 -0500 |
---|---|---|
committer | Ian Moffett <ian@osmora.org> | 2024-12-20 04:09:48 -0500 |
commit | 817d1adc7a194082259bcd86f757f7ce48b9ad75 (patch) | |
tree | 47f16d6bdf9ca919f59eb010e485517b87e4a9a8 /sys/arch/amd64 | |
parent | 6695df157d714567f938170c0bdcae5e4dcb1695 (diff) |
Ensure all loads preceding SWAPGS are serialized using LFENCE. This
mitigates the possibility of SWAPGS being speculatively bypassed which
would lead to security issues.
Signed-off-by: Ian Moffett <ian@osmora.org>
Diffstat (limited to 'sys/arch/amd64')
-rw-r--r-- | sys/arch/amd64/amd64/proc_machdep.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/arch/amd64/amd64/proc_machdep.c b/sys/arch/amd64/amd64/proc_machdep.c index cb337fb..596f661 100644 --- a/sys/arch/amd64/amd64/proc_machdep.c +++ b/sys/arch/amd64/amd64/proc_machdep.c @@ -134,6 +134,7 @@ md_td_kick(struct proc *td) "pushf\n" "push %2\n" "push %3\n" + "lfence\n" "swapgs\n" "iretq" : |