From owner-svn-src-head@freebsd.org Fri Nov 15 23:27:19 2019 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 30A031B387F; Fri, 15 Nov 2019 23:27:19 +0000 (UTC) (envelope-from scottl@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47FDyt53rGz4ZKg; Fri, 15 Nov 2019 23:27:18 +0000 (UTC) (envelope-from scottl@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7D590205EF; Fri, 15 Nov 2019 23:27:18 +0000 (UTC) (envelope-from scottl@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id xAFNRIqR061475; Fri, 15 Nov 2019 23:27:18 GMT (envelope-from scottl@FreeBSD.org) Received: (from scottl@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id xAFNRI5l061473; Fri, 15 Nov 2019 23:27:18 GMT (envelope-from scottl@FreeBSD.org) Message-Id: <201911152327.xAFNRI5l061473@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: scottl set sender to scottl@FreeBSD.org using -f From: Scott Long Date: Fri, 15 Nov 2019 23:27:18 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r354756 - in head/sys: kern sys X-SVN-Group: head X-SVN-Commit-Author: scottl X-SVN-Commit-Paths: in head/sys: kern sys X-SVN-Commit-Revision: 354756 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Nov 2019 23:27:19 -0000 Author: scottl Date: Fri Nov 15 23:27:17 2019 New Revision: 354756 URL: https://svnweb.freebsd.org/changeset/base/354756 Log: Create a new sysctl subtree, machdep.mitigations. Its purpose is to organize knobs and indicators for code that mitigates functional and security issues in the architecture/platform. Controls for regular operational policy should still go into places security, hw, kern, etc. The machdep root node is inherently architecture dependent, but mitigations tend to be architecture dependent as well. Some cases like Spectre do cross architectural boundaries, but the mitigation code for them tends to be architecture dependent anyways, and multiple architectures won't be active in the same image of the kernel. Many mitigation knobs already exist in the system, and they will be moved with compat naming in the future. Going forward, mitigations should collect in machdep.mitigations. Reviewed by: imp, brooks, rwatson, emaste, jhb Sponsored by: Intel Modified: head/sys/kern/kern_mib.c head/sys/sys/sysctl.h Modified: head/sys/kern/kern_mib.c ============================================================================== --- head/sys/kern/kern_mib.c Fri Nov 15 23:12:19 2019 (r354755) +++ head/sys/kern/kern_mib.c Fri Nov 15 23:27:17 2019 (r354756) @@ -78,6 +78,8 @@ SYSCTL_ROOT_NODE(CTL_HW, hw, CTLFLAG_RW, 0, "hardware"); SYSCTL_ROOT_NODE(CTL_MACHDEP, machdep, CTLFLAG_RW, 0, "machine dependent"); +SYSCTL_NODE(_machdep, OID_AUTO, mitigations, CTLFLAG_RW, 0, + "Machine dependent platform mitigations."); SYSCTL_ROOT_NODE(CTL_USER, user, CTLFLAG_RW, 0, "user-level"); SYSCTL_ROOT_NODE(CTL_P1003_1B, p1003_1b, CTLFLAG_RW, 0, Modified: head/sys/sys/sysctl.h ============================================================================== --- head/sys/sys/sysctl.h Fri Nov 15 23:12:19 2019 (r354755) +++ head/sys/sys/sysctl.h Fri Nov 15 23:27:17 2019 (r354756) @@ -1094,6 +1094,7 @@ SYSCTL_DECL(_hw_bus); SYSCTL_DECL(_hw_bus_devices); SYSCTL_DECL(_hw_bus_info); SYSCTL_DECL(_machdep); +SYSCTL_DECL(_machdep_mitigations); SYSCTL_DECL(_user); SYSCTL_DECL(_compat); SYSCTL_DECL(_regression);