From 817d1adc7a194082259bcd86f757f7ce48b9ad75 Mon Sep 17 00:00:00 2001
From: Ian Moffett <ian@osmora.org>
Date: Fri, 20 Dec 2024 04:04:04 -0500
Subject: kernel/amd64: proc: Protect SWAPGS with LFENCE

Ensure all loads preceding SWAPGS are serialized using LFENCE. This
mitigates the possibility of SWAPGS being speculatively bypassed, which
would lead to security issues.

Signed-off-by: Ian Moffett <ian@osmora.org>
---
 sys/arch/amd64/amd64/proc_machdep.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sys/arch/amd64/amd64/proc_machdep.c b/sys/arch/amd64/amd64/proc_machdep.c
index cb337fb..596f661 100644
--- a/sys/arch/amd64/amd64/proc_machdep.c
+++ b/sys/arch/amd64/amd64/proc_machdep.c
@@ -134,6 +134,7 @@ md_td_kick(struct proc *td)
         "pushf\n"
         "push %2\n"
         "push %3\n"
+        "lfence\n"
         "swapgs\n"
         "iretq"
         :
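Review bot: The `"lfence\n"` added ahead of `"swapgs\n"` in md_td_kick() carries no comment saying what it guards. The instructions visible before it (`pushf`, `push %2`, `push %3`) are stack pushes with no conditional branch around the SWAPGS, so a reader cannot tell from the code which speculative path is being closed. Suggest a short C comment above the asm statement that states the reason given in the commit message and names the loads or branch the fence is meant to order. Separately, this patch touches a single SWAPGS site (1 file, 1 insertion). If other entry or exit paths in the kernel execute SWAPGS, particularly behind a conditional, it is worth confirming they get the same fence so the mitigation is applied consistently.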
-- 
cgit v1.2.3