[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen stable-4.17] x86: Drop INDIRECT_JMP
commit 801e251556c374ce3e84ca776f211e00431932ef Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> AuthorDate: Fri Dec 22 18:01:37 2023 +0000 Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> CommitDate: Tue Apr 9 16:48:19 2024 +0100 x86: Drop INDIRECT_JMP Indirect JMPs which are not tailcalls can lead to an unwelcome form of speculative type confusion, and we've removed the uses of INDIRECT_JMP to compensate. Remove the temptation to reintroduce new instances. This is part of XSA-456 / CVE-2024-2201. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> (cherry picked from commit 0b66d7ce3c0290eaad28bdafb35200052d012b14) --- xen/arch/x86/include/asm/asm-defns.h | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/xen/arch/x86/include/asm/asm-defns.h b/xen/arch/x86/include/asm/asm-defns.h index 8bd9007731..7e22fcb9c0 100644 --- a/xen/arch/x86/include/asm/asm-defns.h +++ b/xen/arch/x86/include/asm/asm-defns.h @@ -20,10 +20,9 @@ .byte 0x0f, 0x01, 0xdd .endm -.macro INDIRECT_BRANCH insn:req arg:req +.macro INDIRECT_CALL arg:req /* - * Create an indirect branch. insn is one of call/jmp, arg is a single - * register. + * Create an indirect call. arg is a single register. * * With no compiler support, this degrades into a plain indirect call/jmp. * With compiler support, dispatch to the correct __x86_indirect_thunk_* @@ -33,7 +32,7 @@ $done = 0 .irp reg, ax, cx, dx, bx, bp, si, di, 8, 9, 10, 11, 12, 13, 14, 15 .ifeqs "\arg", "%r\reg" - \insn __x86_indirect_thunk_r\reg + call __x86_indirect_thunk_r\reg $done = 1 .exitm .endif @@ -44,19 +43,10 @@ .endif .else - \insn *\arg + call *\arg .endif .endm -/* Convenience wrappers. */ -.macro INDIRECT_CALL arg:req - INDIRECT_BRANCH call \arg -.endm - -.macro INDIRECT_JMP arg:req - INDIRECT_BRANCH jmp \arg -.endm - #ifdef CONFIG_XEN_IBT # define ENDBR64 endbr64 #else -- generated by git-patchbot for /home/xen/git/xen.git#stable-4.17
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |