[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH RFC for-4.13 00/10] xen/arm: XSA-201 and XSA-263 fixes



Hi all,

This patch series aims to fix two bugs in the entry path from the guest:
    1) Make sure that SSBD workaround is enabled before executing any 
hypervisor code
    2) Avoid guest state corruption when an virtual SError is received

The full series is candidate for Xen 4.13. Without it, the hypervisor would
not be properly protected against SSB vulnerability and the guest state may
get corrupted if an SError is received.

This is in RFC state because the entry code is now quite different and
arm32 changes are not yet implemented. I will modify arm32 once we agreed
on the approach.

Cheers,

Cc: jgross@xxxxxxxx

Julien Grall (9):
  xen/arm64: entry: Introduce a macro to generate guest vector and use
    it
  xen/arm64: head: Check if an SError is pending when receiving a
    vSError
  xen/arm: traps: Rework entry/exit from the guest path
  xen/arm: Ensure the SSBD workaround is re-enabled right after exiting
    a guest
  xen/arm: alternative: Remove unused parameter for
    alternative_if_not_cap
  xen/arm: Move ARCH_PATCH_INSN_SIZE out of the header livepatch.h
  xen/arm: Allow insn.h to be called from assembly
  xen/arm: asm: Replace use of ALTERNATIVE with alternative_if
  xen/arm64: entry: Ensure the guest state is synced when receiving a
    vSError

Mark Rutland (1):
  xen/arm: alternative: add auto-nop infrastructure

 xen/arch/arm/alternative.c        |   2 -
 xen/arch/arm/arm32/entry.S        |   9 ++-
 xen/arch/arm/arm64/entry.S        | 121 +++++++++++++++-----------------------
 xen/arch/arm/traps.c              |  81 +++++++++++++------------
 xen/include/asm-arm/alternative.h |  74 ++++++++++++++++-------
 xen/include/asm-arm/insn.h        |  11 ++++
 xen/include/asm-arm/livepatch.h   |   4 +-
 xen/include/asm-arm/macros.h      |   7 +++
 8 files changed, 172 insertions(+), 137 deletions(-)

-- 
2.11.0


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.