On Wed, Jun 25, 2025 at 02:57:29PM +0200, Hans-Jörg Höxer wrote:
> Hi,
>
> I think we should add lfence to the near returns in the locore0 vctrap
> handler code.  While there, I tweaked a comment, as prompted by mlarkin.
>
> Take care,
> Hans-Joerg
>

ok mlarkin

> ----
> commit 25a9ae17c445ba4e4b7383fbb4bccdb61738192c
> Author: Hans-Joerg Hoexer <hshoexer@genua.de>
> Date:   Wed Jun 25 12:41:42 2025 +0200
>
>     SEV-ES guest: lfence near returns in vctrap handler
>
>     While there, tweak comment.
>
> diff --git a/sys/arch/amd64/amd64/locore0.S b/sys/arch/amd64/amd64/locore0.S
> index ab8d1d1c978..3f79af0d3cc 100644
> --- a/sys/arch/amd64/amd64/locore0.S
> +++ b/sys/arch/amd64/amd64/locore0.S
> @@ -208,7 +208,8 @@ bi_size_ok:
>  	 * 2) locore_vc_trap64:  Triggered when we are running in
>  	 *    32-bit compatibility mode.
>  	 *
> -	 * The latter one is used by vmd(8).
> +	 * The latter one is used by vmd(8) when direct kernel
> +	 * launch is configured.
>  	 */
>  	movl	$RELOC(early_idt), %ecx
>  	movl	$T_VC, %edx
> @@ -814,6 +815,7 @@ vc_cpuid64:
>  	rep vmmcall
>  	rdmsr
>  	ret
> +	lfence
>
>  	.globl	locore_vc_trap64
>  locore_vc_trap64:
> @@ -870,6 +872,7 @@ vc_cpuid32:
>  	rep vmmcall
>  	rdmsr
>  	ret
> +	lfence
>
>  	.globl	locore_vc_trap32
>  locore_vc_trap32: