[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH L1TF v8 4/9] nospec: introduce evaluate_nospec
>>> On 25.02.19 at 14:34, <nmanthey@xxxxxxxxx> wrote: > Since the L1TF vulnerability of Intel CPUs, loading hypervisor data into > L1 cache is problematic, because when hyperthreading is used as well, a > guest running on the sibling core can leak this potentially secret data. > > To prevent these speculative accesses, we block speculation after > accessing the domain property field by adding lfence instructions. This > way, the CPU continues executing and loading data only once the condition > is actually evaluated. > > As the macros are typically used in if statements, the lfence has to come There are no macros anymore afaics. > --- /dev/null > +++ b/xen/include/asm-arm/nospec.h > @@ -0,0 +1,25 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +/* Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. > */ > + > +#ifndef _ASM_ARM_NOSPEC_H > +#define _ASM_ARM_NOSPEC_H > + > +static inline bool evaluate_nospec(bool condition) > +{ > + return condition; Insufficient indentation. > --- /dev/null > +++ b/xen/include/asm-x86/nospec.h > @@ -0,0 +1,45 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +/* Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. */ > + > +#ifndef _ASM_X86_NOSPEC_H > +#define _ASM_X86_NOSPEC_H > + > +#include <asm/alternative.h> > + > +/* Allow to insert a read memory barrier into conditionals */ > +static always_inline bool barrier_nospec_true(void) > +{ > +#ifdef CONFIG_HVM > + alternative("", "lfence", X86_FEATURE_SC_L1TF_VULN); > +#endif > + return true; > +} > + > +/* Allow to protect evaluation of conditionasl with respect to speculation */ > +static always_inline bool evaluate_nospec(bool condition) > +{ > +#ifdef CONFIG_HVM > + return (condition) ? barrier_nospec_true() : !barrier_nospec_true(); No need for the parentheses anymore. And is the #ifdef really needed here? > +#else > + return condition; > +#endif > + > +} Stray blank line. > +/* Allow to block speculative execution in generic code */ > +// #define block_speculation() ((void)barrier_nospec_true()) Stray leftover line. > +static always_inline void block_speculation(void) > +{ > + (void)barrier_nospec_true(); No need for the cast anymore. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |