Re: [PATCH v3 2/4] xen: make VMAP only support in MMU system
On 14.08.2024 12:55, Ayan Kumar Halder wrote:
> Hi Jan,
>
> On 14/08/2024 07:37, Jan Beulich wrote:
>> On 13.08.2024 19:13, Ayan Kumar Halder wrote:
>>> From: Penny Zheng <penny.zheng@xxxxxxx>
>>>
>>> Introduced CONFIG_VMAP which is selected by the architectures that use
>>> MMU. vm_init() does not do anything if CONFIG_VMAP is not enabled.
>>>
>>> VMAP is widely used in ALTERNATIVE feature to remap a range of memory
>>> with new memory attributes. Since this is highly dependent on virtual
>>> address translation, we choose to fold VMAP in MMU system.
>>>
>>> In this patch, we introduce a new Kconfig CONFIG_HAS_VMAP, and make it
>>> only support in MMU system on ARM architecture. And ALTERNATIVE now
>>> depends on VMAP.
>>>
>>> HARDEN_BRANCH_PREDICTOR is now gated on HAS_VMAP as speculative
>>> attacks are not possible on non MMU based systems (ie Cortex-R52, R82).
>>> See
>>> https://developer.arm.com/Arm%20Security%20Center/Speculative%20Processor%20Vulnerability.
>> While I'm not an Arm expert and hence I'm likely missing aspects, I question
>> the one (Spectre-BHB) vulnerability there to be sufficient to draw a
>> conclusion towards the usefulness of branch hardening. I would advise
>> against encoding such a connection in the Kconfig dependencies.
>
> AFAIU, to address 'Spectre' like vulnerabilities 'branch hardening' was
> added.
>
> See https://lore.kernel.org/all/E1fNadD-0000fz-9r@xxxxxxxxxxxxxxxxxxxxxx/
>
> And from
> https://lists.linaro.org/archives/list/linux-stable-mirror@xxxxxxxxxxxxxxxx/message/F4MGL4WT2R7T54NLRDGKFRQNSXF3DZGD/
>
> Spectre is valid on MMU based systems.

Since then various other issues / flavors were found. I've been focusing
on the x86 side of things, but I'd be very surprised if some didn't affect
other architectures as well. Plus branch hardening can be a precautionary
measure, too, I think.

Jan