NetBSD/src 0tjUoja sys/arch/x86/include specialreg.h, sys/arch/x86/x86 spectre.c

   Mitigation for CVE-2019-11135: TSX Asynchronous Abort (TAA).

   Two sysctls are added:

        machdep.taa.mitigated = {0/1} user-settable
        machdep.taa.method = {string} constructed by the kernel

   There are two cases:

    (1) If the CPU is affected by MDS, then the MDS mitigation will also
   mitigate TAA, and we have nothing else to do. We make the 'mitigated' leaf
   read-only, and force:
        machdep.taa.mitigated = machdep.mds.mitigated
        machdep.taa.method = [MDS]
   The kernel already enables the MDS mitigation by default.

    (2) If the CPU is not affected by MDS but is affected by TAA, then we use
   the new TSX_CTRL MSR to disable RTM. This MSR is provided via a microcode
   update, now available on the Intel website. The kernel will automatically
   enable the TAA mitigation if the updated microcode is present. If the new
   microcode is not present, the user can load it via cpuctl, and set
   machdep.taa.mitigated=1.
Version  Delta     File
1.31     +222 -12  sys/arch/x86/x86/spectre.c
1.157    +6 -1     sys/arch/x86/include/specialreg.h
         +228 -13  2 files
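
The two cases in the commit message can be told apart from the CPU's enumeration bits. The sketch below is an added example, not the NetBSD code from spectre.c: it assumes an Intel CPU, uses Intel's documented bit positions with macro and enum names chosen here, and takes register values as arguments instead of reading MSRs.

```c
#include <stdint.h>
#include <stdio.h>

/* Enumeration bits as documented by Intel; the names are this example's own. */
#define CPUID7_EBX_RTM        (1u << 11)   /* CPUID.(EAX=7,ECX=0):EBX */
#define ARCH_CAP_MDS_NO       (1ull << 5)  /* IA32_ARCH_CAPABILITIES, MSR 0x10A */
#define ARCH_CAP_TSX_CTRL     (1ull << 7)  /* IA32_TSX_CTRL (MSR 0x122) exists */
#define ARCH_CAP_TAA_NO       (1ull << 8)
#define TSX_CTRL_RTM_DISABLE  (1ull << 0)

enum taa_state {
	TAA_NOT_AFFECTED,
	TAA_COVERED_BY_MDS,     /* case (1): follows the MDS mitigation */
	TAA_NEEDS_MICROCODE,    /* case (2): TSX_CTRL not enumerated yet */
	TAA_RTM_STILL_ENABLED,  /* case (2): MSR present, RTM not disabled */
	TAA_RTM_DISABLED        /* case (2): mitigated through TSX_CTRL */
};

/* Assumes an Intel CPU; a clear MDS_NO bit is treated as "affected by MDS". */
enum taa_state
taa_classify(uint32_t cpuid7_ebx, uint64_t arch_cap, uint64_t tsx_ctrl)
{
	if (arch_cap & ARCH_CAP_TAA_NO)
		return TAA_NOT_AFFECTED;
	if (!(arch_cap & ARCH_CAP_MDS_NO))
		return TAA_COVERED_BY_MDS;
	if (arch_cap & ARCH_CAP_TSX_CTRL)
		return (tsx_ctrl & TSX_CTRL_RTM_DISABLE) ?
		    TAA_RTM_DISABLED : TAA_RTM_STILL_ENABLED;
	/* No TSX_CTRL: only a CPU that exposes RTM is affected. */
	return (cpuid7_ebx & CPUID7_EBX_RTM) ?
	    TAA_NEEDS_MICROCODE : TAA_NOT_AFFECTED;
}

int
main(void)
{
	/* Constructed register values, not read from real hardware. */
	uint64_t caps = ARCH_CAP_MDS_NO;
	printf("old microcode: %d\n", taa_classify(CPUID7_EBX_RTM, caps, 0));
	caps |= ARCH_CAP_TSX_CTRL;
	printf("new microcode: %d\n", taa_classify(CPUID7_EBX_RTM, caps, 0));
	printf("RTM disabled:  %d\n", taa_classify(0, caps, TSX_CTRL_RTM_DISABLE));
	return 0;
}
```

The TSX_CTRL check comes before the CPUID RTM check because the RTM feature bit may no longer be reported once TSX has been disabled through the MSR.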