On 12/11/2018 03:41, speck for Andi Kleen wrote:
> @@ -329,6 +331,12 @@ For 32-bit we have the following conventions - kernel is built with > > #endif > > +.macro EXIT_MDS > + /* Clear CPU buffers that could leak. Instruction must be in memory form. */ > + ALTERNATIVE "", __stringify(pushq $__USER_DS ; verw (%rsp) ; addq $8, %rsp),\ > + X86_FEATURE_MB_CLEAR

The code sample from the slides is push $0. Here, you are forcing an implicit access into the GDT by using a non-NUL selector, which is a compound performance hit.

What I am considering for Xen is to have a dedicated uint16_t nul_selector and referencing that via a RIP-relative access, which also disassembles to something obvious.

~Andrew
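
Review bot: In the EXIT_MDS macro, the comment above the ALTERNATIVE line says only that the instruction must be in memory form; it does not state what the sequence requires of the places it is used. The replacement text, pushq $__USER_DS ; verw (%rsp) ; addq $8, %rsp, writes to the current stack, so it needs a usable %rsp at every call site, and both verw and addq modify RFLAGS. Suggest extending the comment to state those two constraints and to say why $__USER_DS is the pushed operand, since the choice of selector is not explained in the hunk.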