K 10
svn:author
V 3
kib
K 8
svn:date
V 27
2018-10-20T23:17:24.240487Z
K 7
svn:log
V 529
amd64: flush L1 data cache on syscall return with an error.

The knob allows to select the flushing mode or turn it off/on.  The
idea, as well as the list of the ignored syscall errors, were taken
from https://www.openwall.com/lists/kernel-hardening/2018/10/11/10 .

I was not able to measure statistically significant difference between
flush enabled vs disabled using syscall_timing getuid.

Reviewed by:	bwidawsk
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D17536

END