subject:"\[Xen\-devel\] Xen Security Advisory 154 \(CVE\-2016\-2270\) \- x86\: inconsistent cachability flags on guest mappings"

Re: [Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

2017-02-01 Thread David Woodhouse

On Wed, 2017-01-25 at 07:21 -0700, Jan Beulich wrote: > > Well, in the context of this XSA we've asked both of them, and iirc > we've got a vague reply from Intel and none from AMD. In fact we > did defer the XSA for quite a bit waiting for any useful feedback. > To AMD's advantage I'd like to

Re: [Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

2017-01-25 Thread David Woodhouse

On Wed, 2017-01-25 at 07:21 -0700, Jan Beulich wrote: > > If there wasn't INVALID_MFN to be taken care of, the !mfn_valid() > check could simply move down, and be combined with the > direct_mmio one. As discussed on IRC, once we fix the overflow with order > 0, I think INVALID_MFN is OK. Not

Re: [Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

2017-01-25 Thread David Woodhouse

On Wed, 2017-01-25 at 07:21 -0700, Jan Beulich wrote: > Note the difference between "contains" and "overlaps". Oh, that makes more sense; thanks. > > And then there's a 'if (direct_mmio) return UC;' further down which > > looks like it'd do the right thing for the use case I'm actually > >

Re: [Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

2017-01-25 Thread Jan Beulich

>>> On 25.01.17 at 15:08, wrote: >> --- a/xen/arch/x86/hvm/mtrr.c >> +++ b/xen/arch/x86/hvm/mtrr.c >> @@ -770,8 +770,17 @@ int epte_get_entry_emt(struct domain *d, >> if ( v->domain != d ) >> v = d->vcpu ? d->vcpu[0] : NULL; >> >> -if (

[Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

2017-01-25 Thread David Woodhouse

> x86: enforce consistent cachability of MMIO mappings > > We've been told by Intel that inconsistent cachability between > multiple mappings of the same page can affect system stability only > when the affected page is an MMIO one. Since the stale data issue is > of no relevance to the

[Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

2016-02-17 Thread Xen . org security team

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Xen Security Advisory CVE-2016-2270 / XSA-154 version 3 x86: inconsistent cachability flags on guest mappings UPDATES IN VERSION 3 Clarify cumbersome Resolution wording. The

Re: [Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

Re: [Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

Re: [Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

Re: [Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

[Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

[Xen-devel] Xen Security Advisory 154 (CVE-2016-2270) - x86: inconsistent cachability flags on guest mappings

6 matches

Site Navigation

Mail list logo

Footer information