flight 118102 qemu-mainline real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118102/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-armhf-libvirt broken
build-armhf-libvirt 5
On Fri, Jan 12, 2018 at 03:21:13PM -0600, Eric DeVolder wrote:
> When kexec is utilized in a Xen environment, it has an explicit
> run-time dependency on libxenctrl.so. This dependency occurs
> during the configure stage and when building kexec-tools.
>
> When kexec is utilized in a non-Xen
On 15/01/18 11:26, Jan Beulich wrote:
On 12.01.18 at 19:01, wrote:
>> --- a/xen/include/asm-x86/spec_ctrl.h
>> +++ b/xen/include/asm-x86/spec_ctrl.h
>> @@ -20,8 +20,29 @@
>> #ifndef __X86_SPEC_CTRL_H__
>> #define __X86_SPEC_CTRL_H__
>>
>> +#include
>> +
>>
On Tue, 16 Jan 2018, Julien Grall wrote:
> Cortex-A72, A73 and A75 MIDR will be used to a follow-up for hardening
> the branch predictor.
>
> This is part of XSA-254.
>
> Signed-off-by: Julien Grall
Acked-by: Stefano Stabellini
> ---
>
flight 118110 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118110/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-arm64-xsm 6 xen-buildfail REGR. vs. 118105
build-armhf
On Tue, 16 Jan 2018, Julien Grall wrote:
> Introduce a new macro MIDR_ALL_VERSIONS to match all variant/revision of a
> given CPU model.
>
> This is part of XSA-254.
>
> Signed-off-by: Julien Grall
Reviewed-by: Stefano Stabellini
> ---
>
On Tue, 16 Jan 2018, Julien Grall wrote:
> Once Xen knows what features/workarounds present on the platform, it
> might be necessary to configure each online CPU.
>
> Introduce a new callback "enable" that will be called on each online CPU to
> configure the "capability".
>
> The code is based
On 15/01/18 12:09, Jan Beulich wrote:
On 12.01.18 at 19:01, wrote:
>> --- a/xen/arch/x86/setup.c
>> +++ b/xen/arch/x86/setup.c
>> @@ -668,6 +668,7 @@ void __init noreturn __start_xen(unsigned long mbi_p)
>> set_processor_id(0);
>>
On Mon, Jan 15, 2018 at 09:24:52PM -0600, Doug Goldstein wrote:
> There was no default documented but inspecting
> libxl__domain_build_info_setdefault() shows the default to be
> LIBXL_TIMER_MODE_NO_DELAY_FOR_MISSED_TICKS.
>
> Signed-off-by: Doug Goldstein
> ---
> CC: Wei Liu
>>> On 16.01.18 at 09:43, wrote:
> flight 118078 xen-unstable real [real]
> http://logs.test-lab.xenproject.org/osstest/logs/118078/
>
> Regressions :-(
>
> Tests which did not succeed and are blocking,
> including tests which could not be run:
>
>>> On 15.01.18 at 19:12, wrote:
> Luwei Kang (7):
> x86: add a flag to enable Intel processor trace
> x86: configure vmcs for Intel processor trace virtualization
> x86: add intel proecessor trace support for cpuid
> x86: add intel processor trace context
> x86:
>>> On 15.01.18 at 19:26, wrote:
> On 15/01/18 11:07, Jan Beulich wrote:
>> --- a/docs/misc/xen-command-line.markdown
>> +++ b/docs/misc/xen-command-line.markdown
>> @@ -1849,6 +1849,15 @@ In the case that x2apic is in use, this
>> clustered mode. The default, given
flight 118091 qemu-mainline real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118091/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-arm64 6 xen-buildfail REGR. vs. 117930
On 01/16/2018 07:12 AM, Jan Beulich wrote:
On 15.01.18 at 17:54, wrote:
>> On Jan 12, 2018, at 05:19, Jan Beulich wrote:
>>>
>>> This is a very simplistic change limiting the amount of memory a running
>>> 64-bit PV guest has mapped (and hence available
On Mon, Jan 15, 2018 at 09:23:20PM +, Michael Young wrote:
> Currently the boot of a pvh guest using the qemu-xen device model fails
> with the error
> xen emulation not implemented (yet)
> in the qemu-dm log file. This patch adds the missing -xen-attach
> argument.
>
> V2: Use b_info->type
On 16/01/18 09:33, Jan Beulich wrote:
On 15.01.18 at 19:23, wrote:
>> On 15/01/18 11:06, Jan Beulich wrote:
>>> This also wants Andrew's "[PATCH RFC 11/44] x86/pt-shadow: Always set
>>> _PAGE_ACCESSED on L4e updates".
>> I've cleaned this patch up and committed it
On Mon, Jan 15, 2018 at 11:07 AM, Jan Beulich wrote:
> First of all we don't need it on AMD systems. Additionally allow its use
> to be controlled by command line option. For best backportability, this
> intentionally doesn't use alternative instruction patching to achieve
>
On Fri, 2018-01-12 at 18:00 +, Andrew Cooper wrote:
>
> @@ -152,14 +163,38 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr,
> uint64_t val)
> {
> const struct vcpu *curr = current;
> struct domain *d = v->domain;
> + const struct cpuid_policy *cp = d->arch.cpuid;
> struct
>>> On 15.01.18 at 19:23, wrote:
> On 15/01/18 11:06, Jan Beulich wrote:
>> This also wants Andrew's "[PATCH RFC 11/44] x86/pt-shadow: Always set
>> _PAGE_ACCESSED on L4e updates".
>
> I've cleaned this patch up and committed it in preparation.
>
>
On 01/03/2018 05:47 AM, Manish Jaggi wrote:
Hi Sameer,
Hi Manish,
+
+/* Xen: Type definitions for iommu_domain */
+#define IOMMU_DOMAIN_UNMANAGED 0
+#define IOMMU_DOMAIN_DMA 1
+#define IOMMU_DOMAIN_IDENTITY 2
+
+/* Xen: Dummy iommu_domain */
+struct iommu_domain {
+ /* Runtime SMMU
On Tue, Jan 16, 2018 at 4:42 PM, Doug Goldstein wrote:
> On 1/12/18 8:20 AM, Wei Liu wrote:
>> On Fri, Jan 12, 2018 at 03:17:04PM +0100, Olaf Hering wrote:
>>> On Fri, Jan 12, Wei Liu wrote:
>>>
Vixen Comet
Guest console
On 16/01/18 15:22, Jan Beulich wrote:
> First of all we don't need it on AMD systems. Additionally allow its use
> to be controlled by command line option. For best backportability, this
> intentionally doesn't use alternative instruction patching to achieve
> the intended effect - while we likely
On 1/12/18 8:20 AM, Wei Liu wrote:
> On Fri, Jan 12, 2018 at 03:17:04PM +0100, Olaf Hering wrote:
>> On Fri, Jan 12, Wei Liu wrote:
>>
>>> Vixen Comet
>>> Guest console Output onlyBi-directional
>>
>> With the proper patch
On Tue, Jan 16, 2018 at 10:42:17AM -0600, Doug Goldstein wrote:
> On 1/12/18 8:20 AM, Wei Liu wrote:
> > On Fri, Jan 12, 2018 at 03:17:04PM +0100, Olaf Hering wrote:
> >> On Fri, Jan 12, Wei Liu wrote:
> >>
> >>> Vixen Comet
> >>> Guest console
On Tue, Jan 16, 2018 at 12:46:10PM +, Wei Liu wrote:
> On Fri, Jan 12, 2018 at 01:24:09PM +, Wei Liu wrote:
> > Hi all,
> >
> > Two solutions are proposed to mitigate Meltdown. One is called Vixen and the
> > other is called Comet. The long term goal is to merge the two
> >
On Tue, Jan 16, 2018 at 12:35 PM, Jan Beulich wrote:
On 16.01.18 at 13:12, wrote:
>> On Mon, Jan 15, 2018 at 11:07 AM, Jan Beulich wrote:
>>> First of all we don't need it on AMD systems. Additionally allow its use
>>> to be
Hi Julien,
On 01/16/2018 02:11 AM, Julien Grall wrote:
On 01/03/2018 05:34 AM, Manish Jaggi wrote:
Hi Sameer,
Hi Manish,
+ unsigned int type;
+
+ /* Dummy compatibility defines */
+ unsigned long pgsize_bitmap;
+ struct iommu_domain_geometry geometry;
+
+
On Tue, Jan 16, 2018 at 12:21 PM, Juergen Gross wrote:
> On 16/01/18 13:12, George Dunlap wrote:
>> On Mon, Jan 15, 2018 at 11:07 AM, Jan Beulich wrote:
>>> First of all we don't need it on AMD systems. Additionally allow its use
>>> to be controlled by
On 16/01/18 12:33, Jan Beulich wrote:
>>
>> On 15.01.18 at 19:23, wrote:
can we collect these together into macros, rather than
opencoding? We seem to have 3 distinct variations.
>>> I had considered that (following the model you use in the SP2
>>>
according to Eduardo Habkost's commit fd3b02c889 all PCIEs now implement
INTERFACE_PCIE_DEVICE so we don't need is_express field anymore.
Devices that implements only INTERFACE_PCIE_DEVICE (is_express == 1)
or
devices that implements only INTERFACE_CONVENTIONAL_PCI_DEVICE (is_express == 0)
where
Hi Manish,
On 16/01/18 13:27, Manish Jaggi wrote:
On 01/16/2018 06:44 PM, Julien Grall wrote:
On 16/01/18 12:40, Manish Jaggi wrote:
Hi Julien,
Hi,
On 01/16/2018 02:11 AM, Julien Grall wrote:
On 01/03/2018 05:34 AM, Manish Jaggi wrote:
Hi Sameer,
Hi Manish,
+ unsigned int
Dear Ganesh,
Could you please specify your exact target board? Is it salvator-x or
starter kit premier (h3ulcb)?
Actually Renesas BSP 2.19.0 is easily being built for salvator-x. In
step 8 you should select an appropriate conf from
`meta-rcar-gen3/docs/sample/conf/salvator-x/`.
> But the Yocto
>>> On 16.01.18 at 14:20, wrote:
> The isolation is definitely not complete. Amongst other things, remote
> stacks are in view of an attacker, which is why my KAISER-prereq series
> pushes for the fully isolated per-pcpu range.
How are remote stacks visible? The local
>>> On 16.01.18 at 14:55, wrote:
> On 15/01/18 10:28, Jan Beulich wrote:
>>> ctxt->io_emul_stub[10] = 0xff;
>>> ctxt->io_emul_stub[11] = 0xd1;
>>>
>>> +/*
>>> + * 3 bytes of P6_NOPS.
>>> + * TODO: untangle ideal_nops from init/livepatch Kconfig
This is a very simplistic change limiting the amount of memory a running
64-bit PV guest has mapped (and hence available for attacking): Only the
mappings of stack, IDT, and TSS are being cloned from the direct map
into per-CPU page tables. Guest controlled parts of the page tables are
being
On 16/01/18 14:25, Boris Ostrovsky wrote:
> On 01/16/2018 09:13 AM, Andrew Cooper wrote:
>> On 16/01/18 14:10, Boris Ostrovsky wrote:
>>> On 01/12/2018 01:01 PM, Andrew Cooper wrote:
+if ( boot_cpu_has(X86_FEATURE_IBRSB) )
+{
+/*
+ * Even if we've
First of all we don't need it on AMD systems. Additionally allow its use
to be controlled by command line option. For best backportability, this
intentionally doesn't use alternative instruction patching to achieve
the intended effect - while we likely want it, this will be later
follow-up.
Hi Jan,
On Tue, Jan 16, 2018 at 08:21:52AM -0700, Jan Beulich wrote:
> This is a very simplistic change limiting the amount of memory a running
> 64-bit PV guest has mapped (and hence available for attacking): Only the
> mappings of stack, IDT, and TSS are being cloned from the direct map
> into
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254
version 8
Information leak via side effects of speculative execution
UPDATES IN VERSION 8
PVH shim ("Comet")
On Tue, Jan 16, 2018 at 5:28 PM, Andy Smith wrote:
> Hi Jan,
>
> On Tue, Jan 16, 2018 at 08:21:52AM -0700, Jan Beulich wrote:
>> This is a very simplistic change limiting the amount of memory a running
>> 64-bit PV guest has mapped (and hence available for attacking): Only
On Tue, Jan 16, 2018 at 5:51 PM, George Dunlap wrote:
> On Tue, Jan 16, 2018 at 4:42 PM, Doug Goldstein wrote:
>> On 1/12/18 8:20 AM, Wei Liu wrote:
>>> On Fri, Jan 12, 2018 at 03:17:04PM +0100, Olaf Hering wrote:
On Fri, Jan 12, Wei Liu wrote:
flight 118096 xen-unstable real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118096/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-arm64-pvops 6 kernel-build fail in 118078 REGR. vs. 118003
Tests which are
Hi Jan,
On 12/01/18 13:13, Jan Beulich wrote:
On 09.01.18 at 20:43, wrote:
When I compiled the snippet on x86 and Arm, no relocation is available
for the pointers to string in the array in the final binary. Yet they
are available in the object.
I can see them there
> -Original Message-
> From: Xen-devel [mailto:xen-devel-boun...@lists.xenproject.org] On Behalf
> Of Paul Durrant
> Sent: 16 January 2018 09:27
> To: 'Jan Beulich'
> Cc: xen-devel ; osstest-
> ad...@xenproject.org
> Subject: Re:
On 16/01/18 11:10, David Woodhouse wrote:
> On Fri, 2018-01-12 at 18:00 +, Andrew Cooper wrote:
>> @@ -152,14 +163,38 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr,
>> uint64_t val)
>> {
>> const struct vcpu *curr = current;
>> struct domain *d = v->domain;
>> + const struct
Hi Manish,
On 02/01/18 09:27, manish.ja...@linaro.org wrote:
From: Manish Jaggi
This patch aims to add the support of IORT in Xen. Below is the list
of major components which this patchset provides.
a. Add support for parsing the IORT
b. Provides API to populate/query
Hi Manish,
On 02/01/18 09:27, manish.ja...@linaro.org wrote:
From: Manish Jaggi
Public API to populate and query map between requester id and
The commit message should not be indented.
streamId/DeviceID. IORT is parsed one time (outside this patch)
and two
From: Manish Jaggi
Add a handler for reading the guest's view of the ICC_IAR1_EL1
register. This involves finding the highest priority Group-1
interrupt, checking against both PMR and the active group
priority, activating the interrupt and setting the group
priority as
From: Manish Jaggi
gicv3_ich_read/write_lr functions are static in gic-v3.c
This patch creates wrapper functions which can be used from outside the file.
Signed-off-by: Manish Jaggi
---
xen/arch/arm/gic-v3.c| 10 ++
From: Manish Jaggi
In order to start handling guest access to GICv3 system registers,
let's add a hook that will get called when we trap a system register
access.
This handling code is kept independent of other traps.
Set CONFIG_VGIC_ERRATA to enable this code.
From: Manish Jaggi
This patchset is a Xen port of Marc's patchset.
arm64: KVM: Mediate access to GICv3 sysregs at EL2 [1]
The current RFC patchset is a subset of [1], as it handleing only Group1 traps
as a PoC. Most of the trap code is added in vsysreg.c. Trap handler
From: Manish Jaggi
In order to be able to trap Group-1 GICv3 system registers, we need to
set ICH_HCR_EL2.TALL1 before entering the guest. This is controlled by
the command line parameter group1_trap.
Singed-off-by: Manish Jaggi
---
From: Manish Jaggi
Add a handler for reading/writing the guest's view of the ICC_BPR1_EL1
register, which is located in the ICH_VMCR_EL2.BPR1 field.
Signed-off-by: Manish Jaggi
---
xen/arch/arm/arm64/vsysreg.c| 71
From: Manish Jaggi
Add a handler for writing the guest's view of the ICC_EOIR1_EL1
register. This involves dropping the priority of the interrupt,
and deactivating it if required.
Signed-off-by: Manish Jaggi
---
xen/arch/arm/arm64/vsysreg.c
On 16/01/18 15:21, Jan Beulich wrote:
> --- a/xen/include/asm-x86/x86_64/page.h
> +++ b/xen/include/asm-x86/x86_64/page.h
> @@ -24,8 +24,8 @@
> /* These are architectural limits. Current CPUs support only 40-bit phys. */
> #define PADDR_BITS 52
> #define VADDR_BITS 48
Dear Rajesh,
You can try to get an I2C bus controller in DomU in PIO mode following
[1], keeping in mind [2].
If you want it DMA capable you need Renesas IPMMU support in XEN [3],
[4] to be incorporated.
[1] - https://xenbits.xen.org/docs/unstable/misc/arm/passthrough.txt
[2] -
From: Manish Jaggi
define accessors that take the register number as a parameter.
Signed-off-by: Manish Jaggi
---
xen/arch/arm/arm64/vsysreg.c | 92
1 file changed, 92 insertions(+)
diff --git
From: Manish Jaggi
Add a handler for reading the guest's view of the ICV_HPPIR1_EL1
register. This is a simple parsing of the available LRs, extracting the
highest available interrupt.
Signed-off-by: Manish Jaggi
---
flight 118121 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118121/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-arm64-xsm 6 xen-buildfail REGR. vs. 118105
build-armhf
flight 118113 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118113/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-arm64-xsm 6 xen-buildfail REGR. vs. 118105
build-armhf
On Tue, 16 Jan 2018, Julien Grall wrote:
> Cortex-A57, A72, A73 and A75 are susceptible to branch predictor
> aliasing and can theoritically be attacked by malicious code.
>
> This patch implements a PSCI-based mitigation for these CPUs when
> available. The call into firmware will invalidate the
branch xen-unstable-smoke
xenbranch xen-unstable-smoke
job build-arm64-xsm
testid xen-build
Tree: qemuu git://xenbits.xen.org/qemu-xen.git
Tree: xen git://xenbits.xen.org/xen.git
*** Found and reproduced problem changeset ***
Bug is in tree: xen git://xenbits.xen.org/xen.git
Bug
flight 118127 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118127/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-arm64-xsm 6 xen-buildfail REGR. vs. 118105
build-armhf
flight 118133 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118133/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-arm64-xsm 6 xen-buildfail REGR. vs. 118105
build-armhf
flight 118108 seabios real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118108/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
test-amd64-amd64-xl-qemuu-ws16-amd64 17 guest-stop fail REGR. vs. 115539
Tests which did not
flight 118139 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118139/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-arm64-xsm 6 xen-buildfail REGR. vs. 118105
build-armhf
On 01/16/2018 07:10 PM, Julien Grall wrote:
Hi Manish,
On 16/01/18 13:27, Manish Jaggi wrote:
On 01/16/2018 06:44 PM, Julien Grall wrote:
On 16/01/18 12:40, Manish Jaggi wrote:
Hi Julien,
Hi,
On 01/16/2018 02:11 AM, Julien Grall wrote:
On 01/03/2018 05:34 AM, Manish Jaggi wrote:
On 01/16/2018 06:44 PM, Julien Grall wrote:
On 16/01/18 12:40, Manish Jaggi wrote:
Hi Julien,
Hi,
On 01/16/2018 02:11 AM, Julien Grall wrote:
On 01/03/2018 05:34 AM, Manish Jaggi wrote:
Hi Sameer,
Hi Manish,
+ unsigned int type;
+
+ /* Dummy compatibility
On 01/12/2018 01:01 PM, Andrew Cooper wrote:
>
> +if ( boot_cpu_has(X86_FEATURE_IBRSB) )
> +{
> +/*
> + * Even if we've chosen to not have IBRS set in Xen context, we still
> + * need the IBRS entry/exit logic to virtualise IBRS support for
> + * guests.
>
On 01/16/2018 09:13 AM, Andrew Cooper wrote:
> On 16/01/18 14:10, Boris Ostrovsky wrote:
>> On 01/12/2018 01:01 PM, Andrew Cooper wrote:
>>>
>>> +if ( boot_cpu_has(X86_FEATURE_IBRSB) )
>>> +{
>>> +/*
>>> + * Even if we've chosen to not have IBRS set in Xen context, we
>>> On 16.01.18 at 13:12, wrote:
> On Mon, Jan 15, 2018 at 11:07 AM, Jan Beulich wrote:
>> First of all we don't need it on AMD systems. Additionally allow its use
>> to be controlled by command line option. For best backportability, this
>> intentionally
On Fri, Jan 12, 2018 at 01:24:09PM +, Wei Liu wrote:
> Hi all,
>
> Two solutions are proposed to mitigate Meltdown. One is called Vixen and the
> other is called Comet. The long term goal is to merge the two implementations
> to one.
>
> Here I list the differences between the two
Hi Xen community
I have built and brought up Xen 4.8 on Renesas RCar H3. For a specific
requirement, I need to use the I2C bus of the board from Domain U. Is there
a way to use the I2C bus from the guest?
I have looked into para-virtualization and passthrough [1][2] but there
isn't enough
Aliasing attacked against CPU branch predictors can allow an attacker to
redirect speculative control flow on some CPUs and potentially divulge
information from one context to another.
This patch adds initial skeleton code behind a new Kconfig option to
enable implementation-specific mitigations
>>> On 16.01.18 at 12:51, wrote:
> On 16/01/18 07:46, Jan Beulich wrote:
> On 15.01.18 at 19:23, wrote:
>>> Also, can we collect these together into macros, rather than
>>> opencoding? We seem to have 3 distinct variations.
>> I had
Hi Julien,
On 01/16/2018 02:04 AM, Julien Grall wrote:
On 01/03/2018 05:47 AM, Manish Jaggi wrote:
Hi Sameer,
Hi Manish,
+
+/* Xen: Type definitions for iommu_domain */
+#define IOMMU_DOMAIN_UNMANAGED 0
+#define IOMMU_DOMAIN_DMA 1
+#define IOMMU_DOMAIN_IDENTITY 2
+
+/* Xen: Dummy
On Tue, Jan 16, 2018 at 12:46:10PM +, Wei Liu wrote:
> On Fri, Jan 12, 2018 at 01:24:09PM +, Wei Liu wrote:
> > Hi all,
> >
> > Two solutions are proposed to mitigate Meltdown. One is called Vixen and the
> > other is called Comet. The long term goal is to merge the two
> >
Hi,
On 16/01/18 12:37, Manish Jaggi wrote:
On 01/16/2018 02:04 AM, Julien Grall wrote:
On 01/03/2018 05:47 AM, Manish Jaggi wrote:
+int devm_request_threaded_irq(struct device *dev, unsigned int irq,
irq_handler_t handler,
+ irq_handler_t thread_fn, unsigned long irqflags,
+
On 16/01/18 08:12, Jan Beulich wrote:
On 15.01.18 at 19:26, wrote:
>> On 15/01/18 11:07, Jan Beulich wrote:
>>> --- a/docs/misc/xen-command-line.markdown
>>> +++ b/docs/misc/xen-command-line.markdown
>>> @@ -1849,6 +1849,15 @@ In the case that x2apic is in use,
On 15/01/18 10:28, Jan Beulich wrote:
>> ctxt->io_emul_stub[10] = 0xff;
>> ctxt->io_emul_stub[11] = 0xd1;
>>
>> +/*
>> + * 3 bytes of P6_NOPS.
>> + * TODO: untangle ideal_nops from init/livepatch Kconfig options.
>> + */
>> +memcpy(>io_emul_stub[12], "\x0f\x1f\x00",
On Tue, Jan 16, 2018 at 01:03:06PM +, Roger Pau Monné wrote:
> On Tue, Jan 16, 2018 at 12:46:10PM +, Wei Liu wrote:
> > On Fri, Jan 12, 2018 at 01:24:09PM +, Wei Liu wrote:
> > > Hi all,
> > >
> > > Two solutions are proposed to mitigate Meltdown. One is called Vixen and
> > > the
>
Hi all,
This series provides a framework for mitigating branch predictor hardening on
Arm64 on exception entry.
It also implements a dummy PSCI "VERSION" call as the hook for affected
Cortex-A CPUs. This will invalidate the predictor state with the latest
Arm Trusted Firmware patches which will
Cortex-A57, A72, A73 and A75 are susceptible to branch predictor
aliasing and can theoritically be attacked by malicious code.
This patch implements a PSCI-based mitigation for these CPUs when
available. The call into firmware will invalidate the branch predictor
state, preventing any malicious
Introduce a new macro MIDR_ALL_VERSIONS to match all variant/revision of a
given CPU model.
This is part of XSA-254.
Signed-off-by: Julien Grall
---
xen/arch/arm/cpuerrata.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/xen/arch/arm/cpuerrata.c
Cortex-A72, A73 and A75 MIDR will be used to a follow-up for hardening
the branch predictor.
This is part of XSA-254.
Signed-off-by: Julien Grall
---
xen/include/asm-arm/processor.h | 6 ++
1 file changed, 6 insertions(+)
diff --git
Hi Manish,
I sent the previous e-mail too soon.
On 02/01/18 09:27, manish.ja...@linaro.org wrote:
From: Manish Jaggi
Public API to populate and query map between requester id and
streamId/DeviceID. IORT is parsed one time (outside this patch)
and two lists are
On 16/01/18 17:28, Andy Smith wrote:
> Hi Jan,
>
> On Tue, Jan 16, 2018 at 08:21:52AM -0700, Jan Beulich wrote:
>> This is a very simplistic change limiting the amount of memory a running
>> 64-bit PV guest has mapped (and hence available for attacking): Only the
>> mappings of stack, IDT, and TSS
On Tue, Jan 16, 2018 at 05:55:38PM +, Andrew Cooper wrote:
> On 16/01/18 17:11, Jan Beulich wrote:
> On 16.01.18 at 17:52, wrote:
> >> I've pushed comet-for-unstable to my xenbits/xen.git. That branch is a
> >> forward port of 4.10.0-shim-comet branch to staging.
>
On Tue, Jan 16, 2018 at 05:28:40PM +, Andy Smith wrote:
> Hi Jan,
>
> On Tue, Jan 16, 2018 at 08:21:52AM -0700, Jan Beulich wrote:
> > This is a very simplistic change limiting the amount of memory a running
> > 64-bit PV guest has mapped (and hence available for attacking): Only the
> >
Jim Fehlig writes ("Re: [Xen-devel] [libvirt test] 118006: regressions - FAIL"):
> Should be fixed by
> https://libvirt.org/git/?p=libvirt.git;a=commit;h=66aa7e02c69cd90995f29dbfaca6c659ffe11693
Thanks for letting us know.
Ian.
___
Xen-devel mailing
flight 118105 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/118105/
Failures :-/ but no regressions.
Tests which did not succeed, but are not blocking:
test-amd64-amd64-libvirt 13 migrate-support-checkfail never pass
test-arm64-arm64-xl-xsm
Hi Manish,
On 02/01/18 09:28, manish.ja...@linaro.org wrote:
From: Manish Jaggi
Code to query estimated IORT size for hardware domain.
Please avoid indenting the commit message.
IORT for hardware domain is generated using the requesterId and deviceId map.
On 01/11/2018 04:36 AM, Ross Lagerwall wrote:
> When a netfront device is set up it registers a netdev fairly early on,
> before it has set up the queues and is actually usable. A userspace tool
> like NetworkManager will immediately try to open it and access its state
> as soon as it appears. The
On Tue, Jan 16, 2018 at 07:23:43PM +0100, Anthony Liguori wrote:
> On Tue, Jan 16, 2018 at 5:51 PM, George Dunlap wrote:
> > On Tue, Jan 16, 2018 at 4:42 PM, Doug Goldstein wrote:
> >> On 1/12/18 8:20 AM, Wei Liu wrote:
> >>> On Fri, Jan 12, 2018 at
94 matches
Mail list logo