OS-7598: Kernel needs to be built with retpolines

Details

Issue Type:Improvement
Priority:4 - Normal
Status:Resolved
Created at:2019-02-19T19:57:39.118Z
Updated at:2019-10-23T17:48:04.563Z

People

Created by:Former user
Reported by:Former user
Assigned to:Former user

Resolution

Fixed: A fix for this issue is checked into the tree and tested.
(Resolution Date: 2019-08-19T18:40:07.970Z)

Fix Versions

2019-08-29 Zoo York (Release Date: 2019-08-29)

Description

To mitigate the impact of SpectreV2 we need to build the operating system with retpolines and make sure that we properly change them and fallback when enhanced IBRS is present as well as properly enable the AMD variant.

Comments

Comment by Former user
Created at 2019-08-09T21:39:54.101Z

I've tested this in a number of different ways:

OS Unit Tests

First and foremost I ran through the following OS unit tests. Notes on them are below:

Basic zone usage

As part of doing other testing, I ran the following different types of VMs. I made sure they all booted and were able to do different amounts of activity:

Triton

I ran through basic headnode setup and made sure that all services were online and that no cores were generated. In addition, @accountid:62562f1fcdc24000704b0435 did some basic testing of this. We've also had QA run through an earlier version of this change.

Retpoline Variants

I went through and verified that we had the correct versions of retpolines enabled in the following different scenarios:

disasm test

At @accountid:62562f1fcdc24000704b0435's suggestion I went through and did a disasm test. From the proto area of a SmartOS image I did the following:

$ for f in $(find kernel/ usr/kernel/ platform/i86* -type f); do if dis $f 2>/dev/null | grep \*; then echo $f; fi; done  > dis.out

This generated everywhere in the disasm that we had anything that looked like an indirect call. This found a missing case in modstubs and then I went back and audited the rest of the locations. They were broken down into a few cases:

Manually going through a number of these led to the conclusion that things were fine or as good as we could get them. We will follow up with the kvm and illumos-extra in subsequent work. These are OS-7945 and OS-7946.

Boot spot-testing on various platforms.

I just did basic regression testing booting on the following different platforms:


Comment by Jira Bot
Created at 2019-08-19T18:37:54.917Z

illumos-joyent commit fae35450c961f8c5a41382adf0e202906b2c4584 (branch master, by Robert Mustacchi)

OS-7598 Kernel needs to be built with retpolines
OS-7621 Kernel needs to generally use RSB stuffing
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: John Levon <john.levon@joyent.com>
Approved by: Joshua M. Clulow <jmc@joyent.com>


Comment by Jira Bot
Created at 2019-10-23T17:48:04.563Z

illumos-joyent commit 9812695da2de32f90ea47ba21e78e29437e4de8f (branch master, by John Levon)

OS-7598 Kernel needs to be built with retpolines (fix mismerge)
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Approved by: Jerry Jelinek <jerry.jelinek@joyent.com>