Patch 8 is the XSA-439 fix for the AMD DIV issue, disclosed insufficiently ahead of August 8th for us to prepare a fix for the embargo.
Patches 1 thru 7 are prerequisites, identified while trying to write patch 8. All 8 patches are for all security trees. Andrew Cooper (8): x86/spec-ctrl: Fix confusion between SPEC_CTRL_EXIT_TO_XEN{,_IST} x86/spec-ctrl: Fold DO_SPEC_CTRL_EXIT_TO_XEN into it's single user x86/spec-ctrl: Turn the remaining SPEC_CTRL_{ENTRY,EXIT}_* into asm macros x86/spec-ctrl: Extend all SPEC_CTRL_{ENTER,EXIT}_* comments x86/entry: Adjust restore_all_xen to hold stack_end in %r14 x86/entry: Track the IST-ness of an entry for the exit paths x86/spec-ctrl: Issue VERW during IST exit to Xen x86/spec-ctrl: Mitigate the Zen1 DIV leakge docs/misc/xen-command-line.pandoc | 6 +- xen/arch/x86/hvm/svm/entry.S | 1 + xen/arch/x86/include/asm/cpufeatures.h | 2 +- xen/arch/x86/include/asm/spec_ctrl_asm.h | 150 ++++++++++++++++------- xen/arch/x86/spec_ctrl.c | 45 ++++++- xen/arch/x86/traps.c | 13 ++ xen/arch/x86/x86_64/compat/entry.S | 9 +- xen/arch/x86/x86_64/entry.S | 31 +++-- 8 files changed, 198 insertions(+), 59 deletions(-) base-commit: 6aa25c32180ab59081c73bae4c568367d9133a1f -- 2.30.2