On 2016-08-10 09:28, Jan Kiszka wrote: > All d-cache entries related to memory that a new cell will use or that > a destructed cell was using are irrelevant now. Invalidate them so that > nothing leaks from/to other cells. > > CC: Marc Zyngier <marc.zyng...@arm.com> > CC: Mark Rutland <mark.rutl...@arm.com> > Signed-off-by: Jan Kiszka <jan.kis...@siemens.com> > --- > hypervisor/arch/arm/control.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/hypervisor/arch/arm/control.c b/hypervisor/arch/arm/control.c > index f9e117d..83add4c 100644 > --- a/hypervisor/arch/arm/control.c > +++ b/hypervisor/arch/arm/control.c > @@ -378,6 +378,12 @@ void arch_flush_cell_vcpu_caches(struct cell *cell) > > void arch_config_commit(struct cell *cell_added_removed) > { > + /* > + * We only need to flush caches for non-root cells and can ignore this > + * call when being invoked during setup on the root cell. > + */ > + if (cell_added_removed && cell_added_removed != &root_cell) > + arm_cell_dcaches_flush(cell_added_removed, DCACHE_INVALIDATE); > } > > void __attribute__((noreturn)) arch_panic_stop(void) >
Seems like this isn't enough yet: When we reload a cell and then reset it, there is also an invalidation required. Otherwise the cell may pull stale data from the previous session. Current interfaces do provide a sufficient hook for this. Need to rework them / add a better on. Jan -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.