x86/spec-ctrl: Mitigate IBPB not flushing the RSB/RAS
author Andrew Cooper <andrew.cooper3@citrix.com>
Tue, 14 Jun 2022 15:18:36 +0000 (16:18 +0100)
committer Andrew Cooper <andrew.cooper3@citrix.com>
Tue, 8 Nov 2022 17:26:08 +0000 (17:26 +0000)
commit 2b27967fb89d7904a1571a2fb963b1c9cac548db
tree 68673100820685b20893453fa66153b0d02946b8
parent 24496558e650535bdbd22cc04731e82276cd1b3f
x86/spec-ctrl: Mitigate IBPB not flushing the RSB/RAS

Introduce spec_ctrl_new_guest_context() to encapsulate all logic pertaining to
using MSR_PRED_CMD for a new guest context, even if it only has one user
presently.

Introduce X86_BUG_IBPB_NO_RET, and use it to extend spec_ctrl_new_guest_context()
with a manual fixup for hardware which mis-implements IBPB.

This is part of XSA-422 / CVE-2022-23824.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
xen/arch/x86/asm-macros.c
xen/arch/x86/domain.c
xen/arch/x86/include/asm/cpufeatures.h
xen/arch/x86/include/asm/spec_ctrl.h
xen/arch/x86/spec_ctrl.c