| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
ok deraadt, pd, phessler
|
| |
|
|
| |
ok visa@
|
| |
|
|
|
|
| |
created with the BUS_DMA_64BIT flag.
ok jsg@
|
| |
|
|
|
|
|
| |
larger than 256KB not 128KB to cope with the 06-8e-09 microcode which is
currently 193KB.
Reported and tested by Paul de Weerd. Matches a diff from claudio@
|
| |
|
|
| |
written by Cody Cutler <ccutler at csail.mit.edu>
|
| |
|
|
|
|
|
|
|
| |
systems. There is no guarantee that the TSCs on different cores are
synchronized when the OpenBSD kernel boots and we don't have code to
synchronize them ourselves. This affects both AMD and Intel CPUs and
even cores on the same socket can by out of sync.
ok deraadt@, sthen@
|
| |
|
|
|
|
|
|
|
| |
Lookup the address that a syscall instruction is executed from, and kill
the process if that page is writeable. This brings an aspect of W^X
behaviour to W|X mappings (in JITs not yet adapted to W^X). The goal is
to remove simple attack methods and force use of ret2libc or other more
complicated means.
ok kettenis stefan visa
|
| |
|
|
|
|
|
|
|
| |
message address into an MSI-X table entry. The RTL8168/RTL8111 hardware
does not respond to 64-bit access (reads return all-ones, writes are
ignored) and the PCI specification documents separate 32-bit "DWORD"
fields for message address and message upper address.
ok mlarkin@, jmatthew@
|
| |
|
|
|
|
|
| |
either hardware update (RDCL_NO) or our being nested in a VM which is
handling the flushing via the L1D_FLUSH MSR.
ok mlarkin@
|
| |
|
|
|
|
| |
as it enhances the L1D_FLUSH MSR to flush MDS too
ok mlarkin@
|
| |
|
|
|
|
|
|
|
| |
Refactoring to remove 'long_kernel' variable and consistent use of 'entry'
and 'marks[MARK_ENTRY]'. Prompted by guenther@. No functional change.
tested by jca@ and myself
ok guenther@, kettenis@
|
| | |
|
| |
|
|
| |
ok mpi@
|
| |
|
|
|
|
|
|
|
|
| |
allocation service to allocate a block of memory below 16MB such that there
is no risk of overwriting it when the bootloader moves the kernel in place.
It removes the 128k limit that was previously there.
Based on an earlier diff by patrick@
ok mlarkin@
|
| |
|
|
|
|
|
| |
committing now so this can be worked on in tree
Thanks to the OpenBSD Foundation for sponsoring this work and kettenis@
for helping.
|
| |
|
|
|
|
|
|
| |
the RDCL_NO bit of the ARCH_CAPA msr only indicates one of the MDS
subissues is mitigated; only the MDS_NO bit indicates they're all
mitigated.
ok jsg@ mlarkin@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the CPU has the new VERW behavior than that is used, otherwise
use the proper sequence from Intel's "Deep Dive" doc is used in the
return-to-userspace and enter-VMM-guest paths. The enter-C3-idle
path is not mitigated because it's only a problem when SMT/HT is
enabled: mitigating everything when that's enabled would be a _huge_
set of changes that we see no point in doing.
Update vmm(4) to pass through the MSR bits so that guests can apply
the optimal mitigation.
VMM help and specific feedback from mlarkin@
vendor-portability help from jsg@ and kettenis@
ok kettenis@ mlarkin@ deraadt@ jsg@
|
| |
|
|
|
|
|
|
| |
This diff adds support to be able to load a randomly linked kernel VA
(subject to some range restrictions). This change has been in snaps for
a few days without any fallout.
ok deraadt@
|
| |
|
|
|
|
|
|
|
| |
Emulate kvm pvclock in vmm(4). Compatible with pvclock(4) in OpenBSD. Linux
does not attach to this (yet).
Fixes by reyk@ and tested extensively by reyk@, tb@ and phessler@
ok mlarkin@ phessler@ reyk@
|
| |
|
|
|
|
| |
cpu_idle_cycle()
ok mpi@ kettenis@
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Add a first cut of x86 page table walker to vmd(8) and vmm(4). This function is
not used right now but is a building block for future features like HPET, OUTSB
and INSB emulation, nested virtualisation support, etc.
With help from Mike Larkin
ok mlarkin@
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Removes some code and files not needed by efi32 and efi64.
ok guenther
|
| |
|
|
|
|
|
|
| |
Make 2 separate efiboots, one for 32 bit and one for 64 bit to allow
us to remove lots of #ifdef code. Needed to ease the development effort
for random-VA linked kernels
ok tedu, deraadt
|
| |
|
|
|
|
|
|
| |
Make 2 separate efiboots, one for 32 bit and one for 64 bit to allow
us to remove lots of #ifdef code. Needed to ease the development effort
for random-VA linked kernels
ok tedu, deraadt
|
| |
|
|
|
|
|
|
| |
Separate out files used by both BIOS and EFI boot modes. These files
had many #ifdef EFIBOOT code paths that make it difficult to move forward
with changes needed to support random base VA linked kernels.
ok deraadt@
|
| |
|
|
|
|
|
|
| |
There were some exits for instructions that were unhandled and caused the guest
to terminate if it tried to execute them. We now inject a #ud for those. Also
intercept and #ud RDTSCP and INVLPGA instructions.
ok mlarkin@
|
| |
|
|
| |
ok deraadt@
|
| |
|
|
|
|
| |
random data into the buffer that we feed the kernel.
ok deraadt@, mlarkin@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
when we have a serial console by introducing the notion of a "primary"
graphics device. The primary graphics device is the one set up and
used by firmware (BIOS, UEFI).
The goal is to make sure that wsdisplay0 and drm0 reliably attach to
the primary graphics device such that X works out of the box even
if you have multiple cards or if you are using a serial console.
This also fixes the situation where inteldrm(4) or radeondrm(4) would
take over the console on UEFI systems even if the kernel was booted
with a serial console.
ok jsg@
|
| |
|
|
| |
ok deraadt
|
| |
|
|
|
|
|
|
|
|
| |
When reading a file from a non-TFTP device, clear the bootmac variable
to prevent the kernel from going into netboot mode.
This allows loading a kernel from a disk device after having booted
efiboot from PXE.
style tweak and ok kettenis@
|
| |
|
|
|
|
|
|
| |
- use NULL for pointer comparisons and assignments.
- in level comparisons, use PTP_LEVELS instead of magic constants
- eliminate some superfluous variables in pmap_free_ptp()
ok mlarkin@
|
| |
|
|
|
|
| |
in a generic way, correcting the handling of the LAPIC page.
ok mlarkin@
|
| |
|
|
|
|
|
|
|
|
| |
behaviour is not mandatory, the SDM says a CPU "may" do this. Better to
be safe than sorry.
A similar treatment will be needed for SVM, and for the cases where the
host CPU does not have VPIDs/ASIDs. Those will be committed separately.
Original diff from Guillaume Pagnoux, thanks!
|
| |
|
|
| |
called from an IPI routine).
|
| |
|
|
|
|
| |
Fixes panic on `vmctl start foo'.
OK tedu deraadt
|
| |
|
|
| |
use memmove. We don't know whether EFI allocated overlapping memory.
|
| |
|
|
| |
memcpy() correct behaviour. This also brings the bcopy() macro into line.
|
| | |
|
| |
|
|
|
| |
tightly-built ramdisk kernels, set the option in per-arch Makefile.inc
based upon SMALL_KERNEL
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
linux 4.19.34.
Adds support for more Intel hardware:
Broxton/Apollo Lake (was is_preliminary in 4.4)
Amber Lake (another Kaby Lake refresh)
Gemini Lake
Coffee Lake
Whiskey Lake
Cannon Lake (though no hardware with Intel graphics ever shipped)
Ice Lake (alpha support, hardware not released)
This does not add support for new radeon hardware on the AMD side as
newer radeons have a different kernel driver (amdgpu).
Thanks to the OpenBSD Foundation for sponsoring this work, kettenis@ for
helping and a bunch of other developers for testing.
|
| | |
|
| |
|
|
|
| |
details from the ELF header instead of faking it.
Proposal from mlarkin, tested on most architectures already
|
| | |
|
mlarkin
mpi
kettenis
jsg
jcs
deraadt
guenther
jasper
pd
naddy
kn
florian