On 25/02/2019 14:34, Norbert Manthey wrote: > When interacting with io apic, a guest can specify values that are used > as index to structures, and whose values are not compared against > upper bounds to prevent speculative out-of-bound accesses. This change > prevents these speculative accesses. > > Furthermore, variables are initialized and the compiler is asked to not > optimized these initializations, as the uninitialized variables might be > used in a speculative out-of-bound access. Out of the four initialized > variables, two are potentially problematic, namely ones in the functions > vioapic_irq_positive_edge and vioapic_get_trigger_mode. > > As the two problematic variables are both used in the common function > gsi_vioapic, the mitigation is implemented there. As the access pattern > of the currently non-guest-controlled functions might change in the > future as well, the other variables are initialized as well. > > This is part of the speculative hardening effort. > > Signed-off-by: Norbert Manthey <nmant...@amazon.de> > Reviewed-by: Jan Beulich <jbeul...@suse.com>
Release-acked-by: Juergen Gross <jgr...@suse.com> Juergen _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
