
[Xen-changelog] [xen staging] is_control_domain: block speculation



commit 3a6db700619b049564d14688d711e0e69691b181
Author:     Norbert Manthey <nmanthey@xxxxxxxxx>
AuthorDate: Thu Mar 14 13:56:00 2019 +0100
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Fri Apr 5 12:15:04 2019 +0200

    is_control_domain: block speculation
    
    Checks of domain properties, such as is_hardware_domain or is_hvm_domain,
    might be bypassed by speculatively executing these instructions. A reason
    for bypassing these checks is that these macros access the domain
    structure via a pointer, and check a certain field. Since this memory
    access is slow, the CPU assumes a returned value and continues the
    execution.
    
    In case an is_control_domain check is bypassed, for example during a
    hypercall, data that should only be accessible by the control domain could
    be loaded into the cache.
    
    This is part of the speculative hardening effort.
    
    Signed-off-by: Norbert Manthey <nmanthey@xxxxxxxxx>
    Acked-by: Jan Beulich <jbeulich@xxxxxxxx>
---
 xen/include/xen/sched.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h
index 6d23b6d873..0b8d6d492c 100644
--- a/xen/include/xen/sched.h
+++ b/xen/include/xen/sched.h
@@ -911,10 +911,10 @@ void watchdog_domain_destroy(struct domain *d);
  *    (that is, this would not be suitable for a driver domain)
  *  - There is never a reason to deny the hardware domain access to this
  */
-#define is_hardware_domain(_d) ((_d) == hardware_domain)
+#define is_hardware_domain(_d) evaluate_nospec((_d) == hardware_domain)
 
 /* This check is for functionality specific to a control domain */
-#define is_control_domain(_d) ((_d)->is_privileged)
+#define is_control_domain(_d) evaluate_nospec((_d)->is_privileged)
 
 #define VM_ASSIST(d, t) (test_bit(VMASST_TYPE_ ## t, &(d)->vm_assist))
 
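Review bot: the first changed macro in this hunk, is_hardware_domain, is hardened as well, but the subject line names only is_control_domain and the message body describes the bypass consequence only for the control-domain check. The subject should cover both macros, or the is_hardware_domain change should be split into its own commit with its own rationale. Nothing in the visible hunk shows where evaluate_nospec comes from, so it is worth confirming that sched.h already includes the header that defines it rather than relying on include order at each call site. The comments above the two macros could also gain a line saying that the result is protected against speculative bypass, so that a later cleanup does not drop the wrapper as redundant.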
--
generated by git-patchbot for /home/xen/git/xen.git#staging

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 

