kern/amd64: cpu: Add kernel fence for trap entry

A kernel fence ensures that the GS base will contain kernel data on
entry.

Signed-off-by: Ian Moffett <ian@osmora.org>

4 files changed, 89 insertions, 2 deletions

diff --git a/sys/Makefile b/sys/Makefile
index 0ee8c93..5291a43 100644
--- a/sys/Makefile
+++ b/sys/Makefile
@@ -7,7 +7,8 @@ SYS_CFLAGS =
 ARCH =
 
 .PHONY: all
-all: kern arch
+all: target kern arch
+	rm -rf target/
 
 .PHONY: arch
 arch:
@@ -22,3 +23,8 @@ kern:
 .PHONY: clean
 clean:
 	cd arch/$(ARCH); make clean
+
+.PHONY: target
+target:
+	mkdir -p target/inc/md/
+	rsync -avr inc/arch/$(ARCH)/* target/inc/md/
diff --git a/sys/arch/amd64/Makefile b/sys/arch/amd64/Makefile
index 1c5f8f2..265948a 100644
--- a/sys/arch/amd64/Makefile
+++ b/sys/arch/amd64/Makefile
@@ -14,7 +14,7 @@ all: $(ASMOBJS)
 
 %.S.o: %.S
 	$(PROMPT) " [AS] " $<
-	$(CC) -c $(SYS_CFLAGS) $< -o $@
+	$(CC) -c -I../../target/inc/ $(SYS_CFLAGS) $< -o $@
 
 .PHONY: clean
 clean:
diff --git a/sys/arch/amd64/cpu/idt.S b/sys/arch/amd64/cpu/idt.S
index a5a4a73..b7169d8 100644
--- a/sys/arch/amd64/cpu/idt.S
+++ b/sys/arch/amd64/cpu/idt.S
@@ -27,6 +27,8 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
+#include <md/kfence.h>
+
 #define KERNEL_CS 0x08
 
 #define INT_GATE 0x8E
@@ -152,127 +154,155 @@ set_traps:
     retq
 
 diverr:
+    KFENCE
     push_frame 0x0
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0x0
+    KFENCE
 1:  cli
     hlt
     jmp 1b
 
 debug_except:
+    KFENCE
     push_frame 0x1
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0x1
+    KFENCE
 1:  cli
     hlt
     jmp 1b
 
 nmi:
+    KFENCE
     push_frame 0x2
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0x2
+    KFENCE
 1:  cli
     hlt
     jmp 1b
 
 breakpoint:
+    KFENCE
     push_frame 0x3
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0x3
+    KFENCE
 1:  cli
     hlt
     jmp 1b
 
 overflow:
+    KFENCE
     push_frame 0x4
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0x4
+    KFENCE
 1:  cli
     hlt
     jmp 1b
 
 bound_range:
+    KFENCE
     push_frame 0x5
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0x5
+    KFENCE
 1:  cli
     hlt
     jmp 1b
 
 invl_opc:
+    KFENCE
     push_frame 0x6
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0x6
+    KFENCE
 1:  cli
     hlt
     jmp 1b
 
 no_coproc:
+    KFENCE
     push_frame 0x7
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0x7
+    KFENCE
 1:  cli
     hlt
     jmp 1b
 
 double_fault:
+    KFENCE_EC
     push_frame 0x8
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0x8
+    KFENCE_EC
 1:  cli
     hlt
     jmp 1b
 
 invalid_tss:
+    KFENCE_EC
     push_frame 0xA
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0xA
+    KFENCE_EC
 1:  cli
     hlt
     jmp 1b
 
 seg_np:
+    KFENCE_EC
     push_frame 0xB
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0xB
+    KFENCE_EC
 1:  cli
     hlt
     jmp 1b
 
 ss_fault:
+    KFENCE_EC
     push_frame 0xC
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0xC
+    KFENCE_EC
 1:  cli
     hlt
     jmp 1b
 
 gpf:
+    KFENCE_EC
     push_frame 0xD
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0xD
+    KFENCE_EC
 1:  cli
     hlt
     jmp 1b
 
 page_fault:
+    KFENCE_EC
     push_frame 0xE
     mov %rsp, %rdi
     call trap_dispatch
     pop_frame  0xE
+    KFENCE_EC
 1:  cli
     hlt
     jmp 1b
diff --git a/sys/inc/arch/amd64/kfence.h b/sys/inc/arch/amd64/kfence.h
new file mode 100644
index 0000000..110c9a8
--- /dev/null
+++ b/sys/inc/arch/amd64/kfence.h
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2025 Ian Marco Moffett and the Osmora Team.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of Hyra nor the names of its
+ *    contributors may be used to endorse or promote products derived from
+ *    this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _MACHINE_KENTRY_H_
+#define _MACHINE_KENTRY_H_
+
+/*
+ * Kernel entry/exit handling for traps with error codes
+ * on the stack
+ */
+#define KFENCE_EC                   \
+        testq $0x3, 16(%rsp)      ; \
+        jz 1f                     ; \
+        lfence                    ; \
+        swapgs                    ; \
+    1:
+
+#define KFENCE                    ; \
+        testq $0x3, 8(%rsp)       ; \
+        jz 1f                     ; \
+        lfence                    ; \
+        swapgs                    ; \
+    1:
+
+#endif  /* !_MACHINE_KENTRY_H_ */