[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/8] x86/spec-ctrl: AMD DIV fix, and VERW prerequisite bugfixes
- To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Wed, 13 Sep 2023 21:27:50 +0100
- Authentication-results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
- Delivery-date: Wed, 13 Sep 2023 20:28:29 +0000
- Ironport-data: A9a23:B4Tn7aPorHFncWDvrR2zl8FynXyQoLVcMsEvi/4bfWQNrUp21WQHn 2AdCGCHa/aDZDP2KdF/Ooi3/E9Qu5DSzdRkHQto+SlhQUwRpJueD7x1DKtS0wC6dZSfER09v 63yTvGacajYm1eF/k/F3oDJ9CQ6jefQAOOkVIYoAwgpLSd8UiAtlBl/rOAwh49skLCRDhiE/ Nj/uKUzAnf8s9JPGjxSs/jrRC9H5qyo42tJ5wdmPpingXeF/5UrJMNHTU2OByOQrrl8RoaSW +vFxbelyWLVlz9F5gSNy+uTnuUiG9Y+DCDW4pZkc/HKbitq/0Te5p0TJvsEAXq7vh3S9zxHJ HehgrTrIeshFvWkdO3wyHC0GQkmVUFN0OevzXRSLaV/ZqAJGpfh66wGMa04AWEX0vpuJWZMq vEaEQsuLSjfq9mc6/XjVsA506zPLOGzVG8eknRpzDWfBvc6W5HTBa7N4Le03h9p2JoIR6yHI ZNEN3w2Nk+ojx5nYz/7DLoXmuuyi2a5WDpfsF+P/oI84nTJzRw327/oWDbQUoXQGJ8FxhbJ/ goq+UzJPDwqDvKt2QCO836ImfXK3h3gB7kNQejQGvlC3wTImz175ActfUu2p7y1h1CzX/pbK lcI4Ww+oK4q7kupQ9LhGRqirxasnDQRRt5RGO0S8xyWx+zf5APxLncAZi5MbpohrsBeeNAx/ gbXxZWzX2Up6eDLDyvHrd94sA9eJwAJNEsFZ3AJTzI+wJrb/K0IpDmIFspKRfvdYsLOJRn8x DWDrS4bjroVjNIW26jTwW0rkw5AtbCSEFdru1y/snaNq1ogOdX7P9DABU3zt64oEWqPcrWWU JHoceC65ftGM5yCnTflrA4lTODwvKbt3NExbDdS83gdG9aFoS7LkWN4umsWyKJV3iEsIGWBX aMrkVkNjKK/xVPzBUONX6q/Ct4x0Y/rHsn/W/bfY7JmO8YgKFHcpHkyOxPOjggBdXTAdollZ f+mnTuEVy5GWcyLMhLoLwvi7VPb7n9nnj6CLXwK5x+mzaCfdBaopUQtaTOzghQCxPrc+m39q o8PX/ZmPj0DCIUSlAGLq99MRb3LRFBnba3LRzt/KrLcelc/SDF5YxITqJt4E7FYc21uvr+g1 hmAtoVwmDITWVWvxd22V01e
- Ironport-hdrordr: A9a23:EfUkcaFlA/GyOoMxpLqE5MeALOsnbusQ8zAXP0AYc3Jom6uj5q eTdZUgpHvJYVkqOE3I9ertBEDiewK4yXcW2/hzAV7KZmCP0wHEEGgL1/qF/9SKIUzDH4Bmup uIC5IOauHNMQ==
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Patch 8 is the XSA-439 fix for the AMD DIV issue, disclosed insufficiently
ahead of August 8th for us to prepare a fix for the embargo.
Patches 1 thru 7 are prerequisites, identified while trying to write patch 8.
All 8 patches are for all security trees.
Andrew Cooper (8):
x86/spec-ctrl: Fix confusion between SPEC_CTRL_EXIT_TO_XEN{,_IST}
x86/spec-ctrl: Fold DO_SPEC_CTRL_EXIT_TO_XEN into it's single user
x86/spec-ctrl: Turn the remaining SPEC_CTRL_{ENTRY,EXIT}_* into asm macros
x86/spec-ctrl: Extend all SPEC_CTRL_{ENTER,EXIT}_* comments
x86/entry: Adjust restore_all_xen to hold stack_end in %r14
x86/entry: Track the IST-ness of an entry for the exit paths
x86/spec-ctrl: Issue VERW during IST exit to Xen
x86/spec-ctrl: Mitigate the Zen1 DIV leakge
docs/misc/xen-command-line.pandoc | 6 +-
xen/arch/x86/hvm/svm/entry.S | 1 +
xen/arch/x86/include/asm/cpufeatures.h | 2 +-
xen/arch/x86/include/asm/spec_ctrl_asm.h | 150 ++++++++++++++++-------
xen/arch/x86/spec_ctrl.c | 45 ++++++-
xen/arch/x86/traps.c | 13 ++
xen/arch/x86/x86_64/compat/entry.S | 9 +-
xen/arch/x86/x86_64/entry.S | 31 +++--
8 files changed, 198 insertions(+), 59 deletions(-)
base-commit: 6aa25c32180ab59081c73bae4c568367d9133a1f
--
2.30.2
|
