From patchwork Thu Sep 26 18:37:58 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 174507 Delivered-To: patch@linaro.org Received: by 2002:a92:7e96:0:0:0:0:0 with SMTP id q22csp2438515ill; Thu, 26 Sep 2019 11:39:55 -0700 (PDT) X-Google-Smtp-Source: APXvYqz6pctU9FsT9BcGPkg6PIqEuAhKvtaUkvqOAIJ0OO2oIL4oSVoWza0HnChOOZxaHki9mi6N X-Received: by 2002:a02:cabb:: with SMTP id e27mr4658803jap.107.1569523195331; Thu, 26 Sep 2019 11:39:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569523195; cv=none; d=google.com; s=arc-20160816; b=TLGlgMR+c6foo/87B66h4tuNlryxuob604ZYYvNZ+++lH8My0ENdswMsFPCLqDHbqs R/Ynm7rte+Mavj2CZd2p1532Ct00XRRQnwf/8P/37e7WM/HCKcnMESu1TN+TFNULxk35 3QJKPeeAo+wu9up5PIZ2Hxxm17iu7yFr9InkLqYah5jZ5Xkhq5RMUiVTumLC4+hbxQBg ITerp3EDGiob8w7A6BDmolIA0q/1MPqnVqyZ5+oOGMu/6N7oVKbTJI4wv1sxt765XkNN iixhW0wDEHoSwWemvIb+QoTxQAu81TCM5gOkTBPTQ3IyM/ISQ7CuTNPXjCcGML3Xmb2N QwcA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:message-id:date:to:from; bh=kh3PEtd4xxwb5aE/le/bHlRVmt/ZGrIu6UBENZcuoMI=; b=eTb/w7vmDQjjvOF2eb2WLn/jwYVND5mHPhDCs21wiosUnaBOV+WucAD3UOG46iykI6 M7+ZJTXTeBtCw8uX+vC9m8fWMKHrsnO5A4TKQfgQ5rUWe3L+8yn+uKB+SvAYqnGeZNGq utE3ISWESKmxeCH8m8SJ4QJuYKl1Gj/4TKstoLzoCplmfyYftvE4IOk9ZCSDrIk/6LFy ncPmO9xNbKHs1RHHMpwHDr2DLGjXuCSgu09mPYsiZ7zHQ7JfSaO5EV+2G+NsR1zyzlvo qTM/vwdcKD4+PnEdAWM7zpPITqolzGFlABg1nV3A3KMeLeONywPkE/vsnI0BvzFmkV42 Cdsg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id h18si3820200iog.106.2019.09.26.11.39.55 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 26 Sep 2019 11:39:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iDYef-0002O0-Sk; Thu, 26 Sep 2019 18:38:17 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iDYed-0002Nq-Us for xen-devel@lists.xenproject.org; Thu, 26 Sep 2019 18:38:15 +0000 X-Inumbo-ID: cc0d7a8a-e08c-11e9-b588-bc764e2007e4 Received: from foss.arm.com (unknown [217.140.110.172]) by localhost (Halon) with ESMTP id cc0d7a8a-e08c-11e9-b588-bc764e2007e4; Thu, 26 Sep 2019 18:38:13 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 4F873142F; Thu, 26 Sep 2019 11:38:13 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.196.50]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 30AE33F67D; Thu, 26 Sep 2019 11:38:12 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Thu, 26 Sep 2019 19:37:58 +0100 Message-Id: <20190926183808.11630-1-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 Subject: [Xen-devel] [PATCH RFC for-4.13 00/10] xen/arm: XSA-201 and XSA-263 fixes X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: jgross@suse.com, Stefano Stabellini , Konrad Rzeszutek Wilk , andrii.anisov@gmail.com, Ross Lagerwall , Julien Grall , Volodymyr Babchuk MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Hi all, This patch series aims to fix two bugs in the entry path from the guest: 1) Make sure that SSBD workaround is enabled before executing any hypervisor code 2) Avoid guest state corruption when an virtual SError is received The full series is candidate for Xen 4.13. Without it, the hypervisor would not be properly protected against SSB vulnerability and the guest state may get corrupted if an SError is received. This is in RFC state because the entry code is now quite different and arm32 changes are not yet implemented. I will modify arm32 once we agreed on the approach. Cheers, Cc: jgross@suse.com Julien Grall (9): xen/arm64: entry: Introduce a macro to generate guest vector and use it xen/arm64: head: Check if an SError is pending when receiving a vSError xen/arm: traps: Rework entry/exit from the guest path xen/arm: Ensure the SSBD workaround is re-enabled right after exiting a guest xen/arm: alternative: Remove unused parameter for alternative_if_not_cap xen/arm: Move ARCH_PATCH_INSN_SIZE out of the header livepatch.h xen/arm: Allow insn.h to be called from assembly xen/arm: asm: Replace use of ALTERNATIVE with alternative_if xen/arm64: entry: Ensure the guest state is synced when receiving a vSError Mark Rutland (1): xen/arm: alternative: add auto-nop infrastructure xen/arch/arm/alternative.c | 2 - xen/arch/arm/arm32/entry.S | 9 ++- xen/arch/arm/arm64/entry.S | 121 +++++++++++++++----------------------- xen/arch/arm/traps.c | 81 +++++++++++++------------ xen/include/asm-arm/alternative.h | 74 ++++++++++++++++------- xen/include/asm-arm/insn.h | 11 ++++ xen/include/asm-arm/livepatch.h | 4 +- xen/include/asm-arm/macros.h | 7 +++ 8 files changed, 172 insertions(+), 137 deletions(-)