path: root/sys/arch/amd64
authorPhilip Guenther <guenther@cvs.openbsd.org>2018-09-09 22:09:37 +0000
committerPhilip Guenther <guenther@cvs.openbsd.org>2018-09-09 22:09:37 +0000
commitd25059bff339b8a2dbf35ecc9a8ed74fb9fa98ec (patch)
tree9bdf43dceb9cabe7d8bd00feed23118f1e4c1d41 /sys/arch/amd64
parent5521731e156dcd43760afa91e52643926d0a947f (diff)
Calculate automatically the padding necessary for lining up the
iretq instruction used when Meltdown mitigation is in effect. It got pushed off when an lfence was added in locore.S rev 1.107, resulting in two signals being sent instead of one when iretq faulted, and neither signal had the correct sigcontext info. Update the makefile rule for locore.o to verify that things are correct. ok mlarkin@
Diffstat (limited to 'sys/arch/amd64')
-rw-r--r--sys/arch/amd64/amd64/locore.S33
-rw-r--r--sys/arch/amd64/conf/Makefile.amd6410
2 files changed, 31 insertions, 12 deletions
diff --git a/sys/arch/amd64/amd64/locore.S b/sys/arch/amd64/amd64/locore.S
index 62ec81239f4..ecc9eedc05d 100644
--- a/sys/arch/amd64/amd64/locore.S
+++ b/sys/arch/amd64/amd64/locore.S
@@ -1,4 +1,4 @@
-/* $OpenBSD: locore.S,v 1.107 2018/07/24 02:42:25 guenther Exp $ */
+/* $OpenBSD: locore.S,v 1.108 2018/09/09 22:09:36 guenther Exp $ */
/* $NetBSD: locore.S,v 1.13 2004/03/25 18:33:17 drochner Exp $ */
/*
@@ -860,10 +860,31 @@ intr_user_exit_post_ast:
movq CPUVAR(USER_CR3),%rax
movq %rax,%cr3
Xiretq_trampback:
+KTEXT_PAGE_END
+/* the movq %cr3 switches to this "KUTEXT" page */
+KUTEXT_PAGE_START
+ .space (Xiretq_trampback - Xsyscall_meltdown) - \
+ (. - XUsyscall_meltdown), 0xcc
+ movq CPUVAR(SCRATCH),%rax
+.Liretq_swapgs:
+ swapgs
+doreti_iret_meltdown:
+ iretq
+KUTEXT_PAGE_END
+/*
+ * Back to the "KTEXT" page to fill in the speculation trap and the
+ * swapgs+iretq used for non-Meltdown kernels. This switching back
+ * and forth between segments is so that we can do the .space
+ * calculation below to guarantee the iretq's above and below line
+ * up, so the 'doreti_iret' label lines up with the iretq whether
+ * the CPU is affected by Meltdown or not.
+ */
+KTEXT_PAGE_START
0: pause
lfence
jmp 0b
- .space 5,0xcc /* pad to match "movq CPUVAR(SCRATCH),%rax" */
+ .space (.Liretq_swapgs - XUsyscall_meltdown) - \
+ (. - Xsyscall_meltdown), 0xcc
CODEPATCH_END(CPTAG_MELTDOWN_NOP)
swapgs
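Review bot: The block comment before `KTEXT_PAGE_START` refers to "the .space calculation below", but this hunk now has two computed `.space` directives, and the first one, right after `KUTEXT_PAGE_START`, has no comment of its own. From the expression it appears to pad the KUTEXT page so its code begins at the same offset as `Xiretq_trampback` in the KTEXT page; I would say so above it, e.g. `/* pad so execution continues at the same page offset after the %cr3 switch */`. Both counts must come out non-negative, and whether the assembler rejects a negative count or only warns is not visible here, so the comment should name the locore.o check in Makefile.amd64 as what enforces the alignment. The code at `intr_user_exit_post_ast` starts above this hunk and the `doreti_iret` label follows below it.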
@@ -872,14 +893,6 @@ _C_LABEL(doreti_iret):
iretq
KTEXT_PAGE_END
-KUTEXT_PAGE_START
- .space (Xiretq_trampback - Xsyscall_meltdown) - \
- (. - XUsyscall_meltdown), 0xcc
- movq CPUVAR(SCRATCH),%rax
- swapgs
- iretq
-KUTEXT_PAGE_END
-
.text
_ALIGN_TRAPS
.Lintr_restore_xstate: /* CPU doesn't have curproc's xstate */
diff --git a/sys/arch/amd64/conf/Makefile.amd64 b/sys/arch/amd64/conf/Makefile.amd64
index bd1d63d12c5..270559f14f3 100644
--- a/sys/arch/amd64/conf/Makefile.amd64
+++ b/sys/arch/amd64/conf/Makefile.amd64
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.amd64,v 1.101 2018/08/21 18:06:12 anton Exp $
+# $OpenBSD: Makefile.amd64,v 1.102 2018/09/09 22:09:36 guenther Exp $
# For instructions on building kernels consult the config(8) and options(4)
# manual pages.
@@ -125,6 +125,12 @@ mcount.o: $S/lib/libkern/mcount.c Makefile
ioconf.o: ioconf.c
${NORMAL_C}
+locore.o: assym.h
+ ${NORMAL_S}
+ @[[ -n `objdump -D $@ | grep -A1 doreti_iret | sort | uniq -d` ]] || \
+ { rm -f $@; echo "ERROR: overlaid iretq instructions don't line up"; \
+ echo "#GP-on-iretq fault handling would be broken"; exit 1; }
+
ld.script: ${_machdir}/conf/ld.script
cp ${_machdir}/conf/ld.script $@
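Review bot: The added check on `locore.o` can pass for the wrong reason, because `grep -A1 doreti_iret` matches every disassembly line that mentions the symbol, not only the two label lines, and grep implementations that print a `--` line between context groups feed that separator into `sort | uniq -d` as well. With three or more match groups the `--` line is itself a duplicate, so the test is non-empty even when the two iretq offsets differ; whether locore.o contains such extra references is not visible from here. Comparing only the instruction lines that follow the label definitions would close that, e.g. `objdump -D $@ | grep -A1 '<doreti_iret[a-z_]*>:' | grep iretq | sort | uniq -d`. The `[[ ... ]]` test also assumes the shell make invokes is ksh-compatible, which deserves a one-line comment in the rule.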
@@ -155,7 +161,7 @@ cleandir: clean
depend obj:
locore0.o: ${_machdir}/${_mach}/locore0.S assym.h
-locore.o mutex.o vector.o copy.o spl.o: assym.h
+mutex.o vector.o copy.o spl.o: assym.h
mptramp.o acpi_wakecode.o vmm_support.o: assym.h
hardlink-obsd: