[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH L1TF v9 7/7] common/grant_table: block speculative out-of-bound accesses

To: <nmanthey@xxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Tue, 05 Mar 2019 09:38:37 -0700
Cc: Juergen Gross <jgross@xxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Dario Faggioli <dfaggioli@xxxxxxxx>, Martin Pohlack <mpohlack@xxxxxxxxx>, wipawel@xxxxxxxxx, Julien Grall <julien.grall@xxxxxxx>, David Woodhouse <dwmw@xxxxxxxxxxxx>, "Martin Mazein\(amazein\)" <amazein@xxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Julian Stecklina <jsteckli@xxxxxxxxx>, Bjoern Doebel <doebel@xxxxxxxxx>
Delivery-date: Tue, 05 Mar 2019 16:38:57 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

>>> On 27.02.19 at 17:13, <nmanthey@xxxxxxxxx> wrote:
> Speculative execution is not blocked in case one of the following
> properties is true:
>  - path cannot be triggered by the guest
>  - path does not return to the guest
>  - path does not result in an out-of-bound access
>  - path cannot be executed repeatedly
> Only the combination of the above properties allows to actually leak
> continuous chunks of memory. Therefore, we only add the penalty of
> protective mechanisms in case a potential speculative out-of-bound
> access matches all the above properties.

While this is all fine, how do I match which of the reasons applies to
which of (in particular) the gt_version checks left alone? As said, the
reasoning here should specifically be detailed so it can be used as a
guiding reference when adding further conditionals to the code down
the road. And of course review is (more) difficult this way as well, as
(judging from prior conversations) we don't seem to necessarily
agree in our views in all places, and hence to discuss a possibly
questionable decision others also need to understand which of the
criteria you considered to match in the specific case.

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH L1TF v9 7/7] common/grant_table: block speculative out-of-bound accesses
  - From: Norbert Manthey

Prev by Date: Re: [Xen-devel] [PATCH] tools/libfsimage: Add `XEN' to environment variable name
Next by Date: [Xen-devel] [PATCH for-next RFC 0/4] tools: Python 3 compatibility
Previous by thread: [Xen-devel] [qemu-mainline baseline-only test] 83705: trouble: blocked/broken
Next by thread: Re: [Xen-devel] [PATCH L1TF v9 7/7] common/grant_table: block speculative out-of-bound accesses
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.