I'm confused, shouldn't the LFENCE be between SWAPGS and future uses of
GS prefix?
In the old code, before 96b2371413e8f, we had:
swapgs
SAVE_AND_SWITCH_TO_KERNEL_CR3
FENCE_SWAPGS_KERNEL_ENTRY
// %gs user comes here..
And the comment made sense, since if SAVE_AND_SWITCH_TO_KERNEL_CR3 would
imply an unconditional CR3 write, the LFENCE would not be needed.
Then along comes 96b2371413e8f and changes the order to:
SAVE_AND_SWITCH_TO_KERNEL_CR3
swapgs
FENCE_SWAPGS_KERNEL_ENTRY
// %gs user comes here..
But now the comment is crazy talk, because even if the CR3 write were
unconditional, it'd be pointless, since it's not after SWAPGS, but we
still have the LFENCE in the right place.
But now you want to make it:
SAVE_AND_SWITCH_TO_KERNEL_CR3
FENCE_SWAPGS_KERNEL_ENTRY
swapgs
// %gs user comes here..
And there's nothing left and speculation can use the old %gs for our
user and things go sideways. Hmm?
(on a completely unrelated note, I find KERNEL_ENTRY and USER_ENTRY
utterly confusing)
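An added illustration, not part of the thread above and not kernel code: a small Python model of the ordering rule the message argues for. It treats each entry-path step as an instruction with three properties (swaps %gs, serializes speculation, reads through %gs) and reports any %gs-dependent access that follows SWAPGS without an intervening barrier. The classification of each step is this example's assumption: LFENCE and an unconditional CR3 write count as barriers, while SAVE_AND_SWITCH_TO_KERNEL_CR3 is modelled as conditional (PTI-only, so patched out on some systems) and therefore not a barrier. The %gs-reading instruction is a constructed placeholder, not a specific kernel access.

```python
# Model of the SWAPGS / LFENCE ordering rule from the thread (added example,
# not kernel code). Rule: once SWAPGS has run, the first instruction that
# reads through the %gs base must be preceded by a serializing barrier,
# otherwise speculation may still use the pre-swap (user) %gs base.
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Insn:
    text: str
    swaps_gs: bool = False     # SWAPGS itself
    serializes: bool = False   # stops speculation past this point
    uses_gs: bool = False      # dereferences the %gs base


SWAPGS = Insn("swapgs", swaps_gs=True)
LFENCE = Insn("FENCE_SWAPGS_KERNEL_ENTRY (lfence)", serializes=True)
# Conditional CR3 switch: patched out when PTI is off, so NOT a barrier
# in this model (assumption made for the example).
COND_CR3 = Insn("SAVE_AND_SWITCH_TO_KERNEL_CR3 (conditional)")
# An unconditional CR3 write is serializing, which is what the old comment
# in the thread relied on.
UNCOND_CR3 = Insn("mov %rax, %cr3 (unconditional)", serializes=True)
# Constructed placeholder for the first %gs-relative kernel access.
GS_USE = Insn("mov %gs:0x0, %rax  (first %gs use, constructed)", uses_gs=True)


def fence_gap(seq: List[Insn]) -> List[str]:
    """Return the %gs-reading instructions that run after SWAPGS with no
    barrier in between. An empty list means the ordering satisfies the rule.
    A barrier that executes *before* SWAPGS does not count: SWAPGS resets
    the 'fenced' state, because it is the swap itself that must be ordered
    ahead of later %gs reads."""
    swapped = False
    fenced = False
    unsafe: List[str] = []
    for insn in seq:
        if insn.swaps_gs:
            swapped, fenced = True, False
        elif insn.serializes:
            fenced = True
        elif insn.uses_gs and swapped and not fenced:
            unsafe.append(insn.text)
    return unsafe


# The three orderings quoted in the message, plus the old comment's premise.
ORDERINGS = {
    "before 96b2371413e8f": [SWAPGS, COND_CR3, LFENCE, GS_USE],
    "after 96b2371413e8f": [COND_CR3, SWAPGS, LFENCE, GS_USE],
    "proposed": [COND_CR3, LFENCE, SWAPGS, GS_USE],
    "old comment premise (unconditional CR3)": [SWAPGS, UNCOND_CR3, GS_USE],
}


def check_all() -> dict:
    """Map each named ordering to the list of unfenced %gs uses it contains."""
    return {name: fence_gap(seq) for name, seq in ORDERINGS.items()}


if __name__ == "__main__":
    for name, gaps in check_all().items():
        status = "OK" if not gaps else "UNFENCED %gs use: " + "; ".join(gaps)
        print(f"{name:45s} {status}")
```

Running it flags only the "proposed" ordering: the LFENCE sits before SWAPGS, so the model's reset on SWAPGS leaves the following %gs read unfenced, while the two earlier orderings and the unconditional-CR3 case pass.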