git: 7622d3671cbe - releng/13.2 - amd64: properly recalculate mitigations knobs after resume

From: Konstantin Belousov <kib_at_FreeBSD.org>
Date: Tue, 21 Mar 2023 13:23:16 UTC
The branch releng/13.2 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=7622d3671cbef860d5dede0e4beace8fd152cd87

commit 7622d3671cbef860d5dede0e4beace8fd152cd87
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-03-17 13:02:03 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-03-20 18:13:02 +0000

    amd64: properly recalculate mitigations knobs after resume
    
    Approved by:    re (gjb)
    
    (cherry picked from commit 02904a06c76be857307b78184863654b9e7b88ab)
    (cherry picked from commit 7c5d3ec4c02b89754ec3ce55d1b7943c404209df)
---
 sys/amd64/acpica/acpi_wakeup.c | 14 ++++++++++++++
 sys/amd64/amd64/initcpu.c      |  2 +-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/sys/amd64/acpica/acpi_wakeup.c b/sys/amd64/acpica/acpi_wakeup.c
index 9601a88e11a4..1afbdc3a3bec 100644
--- a/sys/amd64/acpica/acpi_wakeup.c
+++ b/sys/amd64/acpica/acpi_wakeup.c
@@ -288,6 +288,20 @@ acpi_wakeup_machdep(struct acpi_softc *sc, int state, int sleep_result,
 		if (!CPU_EMPTY(&suspcpus))
 			resume_cpus(suspcpus);
 #endif
+
+		/*
+		 * Re-read cpu_stdext_feature3, which was zeroed-out
+		 * in acpi_sleep_machdep, after the microcode was
+		 * reloaded.  Then recalculate the active mitigations
+		 * knobs that depend on the microcode and
+		 * cpu_stdext_feature3.
+		 */
+		identify_cpu_ext_features();
+		hw_ibrs_recalculate(true);
+		hw_ssb_recalculate(true);
+		amd64_syscall_ret_flush_l1d_recalc();
+		x86_rngds_mitg_recalculate(true);
+
 		mca_resume();
 		if (vmm_resume_p != NULL)
 			vmm_resume_p();
diff --git a/sys/amd64/amd64/initcpu.c b/sys/amd64/amd64/initcpu.c
index 16780a9e069b..8d4c9d9cbe64 100644
--- a/sys/amd64/amd64/initcpu.c
+++ b/sys/amd64/amd64/initcpu.c
@@ -313,7 +313,7 @@ initializecpu(void)
 	}
 	load_cr4(cr4);
 	/* Reload cpu ext features to reflect cr4 changes */
-	if (IS_BSP())
+	if (IS_BSP() && cold)
 		identify_cpu_ext_features();
 	if (IS_BSP() && (amd_feature & AMDID_NX) != 0) {
 		msr = rdmsr(MSR_EFER) | EFER_NXE;