-mindirect-branch=<choice>
-mfunction-return=<choice>
-mindirect-branch-register
the values for 'choice' are "keep" (default, existing behaviour),
"thunk", "thunk-inline", and "thunk-extern".
as taken from the Ubuntu port of these changes in their
ubuntu:gcc-5_5.5.0-8ubuntu1.diff. i've also included the doc
updates that are missing from ubuntu from gcc itself.
i've tested both i386 and amd64 fairly heavily with these options
enabled in both kernels and userland, atf runs and hundreds of
package builds.
XXX: pullup-8 to gcc/ not gcc.old/
-mindirect-branch=<choice>
-mfunction-return=<choice>
-mindirect-branch-register
the values for 'choice' are "keep" (default, existing behaviour),
"thunk", "thunk-inline", and "thunk-extern".
as taken from the Debian port of these changes in their
debian:gcc-6_6.3.0-18+deb9u1.diff. i've also included the doc
updates that are missing from debian from gcc itself.
i've tested both i386 and amd64 fairly heavily with these options
enabled in both kernels and userland, atf runs and hundreds of
package builds.
Different operations are performed during context transitions:
user->kernel: IBRS <- 1
kernel->user: IBRS <- 0
And during context switches:
user->user: IBPB <- 0
kernel->user: IBPB <- 0
[user->kernel:IBPB <- 0 this one may not be needed]
We use two macros, IBRS_ENTER and IBRS_LEAVE, to set the IBRS bit. The
thing is hotpatched for better performance, like SVS.
The idea is that IBRS is a "privileged" bit, which is set to 1 in kernel
mode and 0 in user mode. To protect the branch predictor between user
processes (which are of the same privilege), we use the IBPB barrier.
The Intel manual also talks about (MWAIT/HLT)+HyperThreading, and says
that when using either of the two instructions IBRS must be disabled for
better performance on the core. I'm not totally sure about this part, so
I'm not adding it now.
IBRS is available only when the Intel microcode update is applied. The
mitigation must be enabled manually with machdep.spectreV2.mitigated.
Tested by msaitoh a week ago (but I adapted a few things since). Probably
more changes to come.
* Replace idiotic diagnostic check by KASSERT. max_linkhdr+tlen<=MCLBYTES
is a widespread assumption.
* Improve initialization of 'tp'.
* Put panics in dead branches.
* Merge two switches.
indirectness first. In the case of various Qt5 libraries, __bss_start
ends up with a Qt5 version, but it has to be resolved first to match the
actual (implicit) definition. This fixes the root cause of pkg/53089.
* Added support for setproctitle(3)
* Kernel RA is no longer disabled when IPv6 is disabled in dhcpcd
* DHCPv6 PD is no longer stopped if no Routers are found
* If the DHCP leased address is deleted, enter the reboot state
* DHCPv6 unicast is no longer performed when not in master mode
* dhcpcd will now detect netlink/route socket overflows ad re-sync
When there are devices which is already pci_intr_alloc'ed, however is not
established yet, "intrctl list" causes panic. E.g.
# while true; do intrctl list > /dev/null ; done&
# drvctl -d ixg0 && drvctl -r pci0
And add some KASSERTMSG to similar but not the same code.
Pointed out by msaitoh@n.o.
XXX pullup-8
has a chance of working on G5 where we can't just BAT-map everything with
paddr == busaddr.
Doesn't play audio yet but things like headphone detection work.
