[Xen-devel,for-4.13,v4,00/19] xen/arm: XSA-201 and XSA-263 fixes

Message ID	20191031150922.22938-1-julien.grall@arm.com
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; From: Julien Grall <julien.grall@arm.com> To: xen-devel@lists.xenproject.org Date: Thu, 31 Oct 2019 15:09:03 +0000 Message-Id: <20191031150922.22938-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH for-4.13 v4 00/19] xen/arm: XSA-201 and XSA-263 fixes Precedence: list Cc: jgross@suse.com, Stefano Stabellini <sstabellini@kernel.org>, Julien Grall <julien@xen.org>, Wei Liu <wl@xen.org>, Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>, George Dunlap <George.Dunlap@eu.citrix.com>, Andrew Cooper <andrew.cooper3@citrix.com>, Ian Jackson <ian.jackson@eu.citrix.com>, Ross Lagerwall <ross.lagerwall@citrix.com>, Julien Grall <julien.grall@arm.com>, Jan Beulich <jbeulich@suse.com>, Volodymyr Babchuk <Volodymyr_Babchuk@epam.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
Series	xen/arm: XSA-201 and XSA-263 fixes \| expand [Xen-devel,for-4.13,v4,00/19] xen/arm: XSA-201 and XSA-263 fixes [Xen-devel,for-4.13,v4,01/19] docs/misc: xen-command-line: Remove wrong statement from serrors=di... [Xen-devel,for-4.13,v4,02/19] xen/arm: Remove serrors=forward [Xen-devel,for-4.13,v4,03/19] xen/arm: traps: Rework __do_serror() documentation [Xen-devel,for-4.13,v4,04/19] docs/misc: xen-command-line: Rework documentation of the option 'se... [Xen-devel,for-4.13,v4,05/19] xen/arm: traps: Update the correct PC when inject a virtual SError ... [Xen-devel,for-4.13,v4,06/19] xen/arm64: entry: Avoid open-coding interrupt flags [Xen-devel,for-4.13,v4,07/19] xen/arm64: entry: Introduce a macro to generate guest vector and us... [Xen-devel,for-4.13,v4,08/19] xen/arm64: entry: Check if an SError is pending when receiving a vS... [Xen-devel,for-4.13,v4,09/19] xen/arm: traps: Rework entry/exit from the guest path [Xen-devel,for-4.13,v4,10/19] xen/arm32: entry: Rename save_guest_regs() [Xen-devel,for-4.13,v4,11/19] xen/arm: Ensure the SSBD workaround is re-enabled right after exiti... [Xen-devel,for-4.13,v4,12/19] xen/arm: traps: Don't ignore invalid value for serrors= [Xen-devel,for-4.13,v4,13/19] xen/arm: alternative: Remove unused parameter for alternative_if_no... [Xen-devel,for-4.13,v4,14/19] xen/arm: Move ARCH_PATCH_INSN_SIZE out of the header livepatch.h [Xen-devel,for-4.13,v4,15/19] xen/arm: Allow insn.h to be called from assembly [Xen-devel,for-4.13,v4,16/19] xen/arm: alternative: add auto-nop infrastructure [Xen-devel,for-4.13,v4,17/19] xen/arm: asm: Replace use of ALTERNATIVE with alternative_if [Xen-devel,for-4.13,v4,18/19] xen/arm: Update the ASSERT() in SYNCHRONIZE_SERROR() [Xen-devel,for-4.13,v4,19/19] xen/arm: entry: Ensure the guest state is synced when receiving a v...

Message ID

20191031150922.22938-1-julien.grall@arm.com

Headers

Received-SPF: pass (google.com: best guess record for domain of
	xen-devel-bounces@lists.xenproject.org designates
	192.237.175.120 as permitted sender)
	client-ip=192.237.175.120; 
From: Julien Grall <julien.grall@arm.com>
To: xen-devel@lists.xenproject.org
Date: Thu, 31 Oct 2019 15:09:03 +0000
Message-Id: <20191031150922.22938-1-julien.grall@arm.com>
Subject: [Xen-devel] [PATCH for-4.13 v4 00/19] xen/arm: XSA-201 and XSA-263
	fixes
Precedence: list
Cc: jgross@suse.com, Stefano Stabellini <sstabellini@kernel.org>,
	Julien Grall <julien@xen.org>, Wei Liu <wl@xen.org>,
	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
	George Dunlap <George.Dunlap@eu.citrix.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	Ian Jackson <ian.jackson@eu.citrix.com>,
	Ross Lagerwall <ross.lagerwall@citrix.com>,
	Julien Grall <julien.grall@arm.com>, Jan Beulich <jbeulich@suse.com>, 
	Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>

Series

xen/arm: XSA-201 and XSA-263 fixes | expand

Message

Julien Grall Oct. 31, 2019, 3:09 p.m. UTC

Hi all,

This is v4 of the series. For those wondering why it is v4 and not v2, this
series is closely related to XSA-303 [1] and refrained to post a new version
publicly. To avoid delaying the series was reviewed privately on security@.

The series is now nearly fully reviewed. There are just a few missing tags
for patch #11, #12 and #19.

The series is based on XSA-303 which has not yet been committed. For
convenience, I have pushed a branch on my public git:

https://xenbits.xen.org/git-http/people/julieng/xen-unstable.git
branch entry-rework/v4

@Juergen: On v1, you agreed this should be considered as a blocker for Xen 4.13.
Are you still happy to consider this series to go in Xen 4.13?This is mostly
fixing up the non-XSA part of XSA-303. This should allow to handle properly
SSBD workaround and receive safely SErrors.

Cheers,

[1] https://xenbits.xen.org/xsa/advisory-303.html

Cc: jgross@suse.com

Julien Grall (18):
  docs/misc: xen-command-line: Remove wrong statement from
    serrors=diverse
  xen/arm: Remove serrors=forward
  xen/arm: traps: Rework __do_serror() documentation
  docs/misc: xen-command-line: Rework documentation of the option
    'serrors'
  xen/arm: traps: Update the correct PC when inject a virtual SError to
    the guest
  xen/arm64: entry: Avoid open-coding interrupt flags
  xen/arm64: entry: Introduce a macro to generate guest vector and use
    it
  xen/arm64: entry: Check if an SError is pending when receiving a
    vSError
  xen/arm: traps: Rework entry/exit from the guest path
  xen/arm32: entry: Rename save_guest_regs()
  xen/arm: Ensure the SSBD workaround is re-enabled right after exiting
    a guest
  xen/arm: traps: Don't ignore invalid value for serrors=
  xen/arm: alternative: Remove unused parameter for
    alternative_if_not_cap
  xen/arm: Move ARCH_PATCH_INSN_SIZE out of the header livepatch.h
  xen/arm: Allow insn.h to be called from assembly
  xen/arm: asm: Replace use of ALTERNATIVE with alternative_if
  xen/arm: Update the ASSERT() in SYNCHRONIZE_SERROR()
  xen/arm: entry: Ensure the guest state is synced when receiving a
    vSError

Mark Rutland (1):
  xen/arm: alternative: add auto-nop infrastructure

 docs/misc/xen-command-line.pandoc |  45 +++-------
 xen/arch/arm/alternative.c        |   2 -
 xen/arch/arm/arm32/entry.S        |  80 ++++++++++++++----
 xen/arch/arm/arm32/traps.c        |  12 +--
 xen/arch/arm/arm64/entry.S        | 170 +++++++++++++++++++++-----------------
 xen/arch/arm/domain.c             |  11 ---
 xen/arch/arm/traps.c              | 166 +++++++++++++++++--------------------
 xen/include/asm-arm/alternative.h |  75 ++++++++++++-----
 xen/include/asm-arm/cpufeature.h  |  11 ++-
 xen/include/asm-arm/insn.h        |   7 ++
 xen/include/asm-arm/livepatch.h   |   4 +-
 xen/include/asm-arm/macros.h      |   7 ++
 xen/include/asm-arm/processor.h   |   2 +-
 13 files changed, 323 insertions(+), 269 deletions(-)

Comments

Juergen Gross Nov. 1, 2019, 10:47 a.m. UTC | #1

On 31.10.19 16:09, Julien Grall wrote:
> Hi all,
> 
> This is v4 of the series. For those wondering why it is v4 and not v2, this
> series is closely related to XSA-303 [1] and refrained to post a new version
> publicly. To avoid delaying the series was reviewed privately on security@.
> 
> The series is now nearly fully reviewed. There are just a few missing tags
> for patch #11, #12 and #19.
> 
> The series is based on XSA-303 which has not yet been committed. For
> convenience, I have pushed a branch on my public git:
> 
> https://xenbits.xen.org/git-http/people/julieng/xen-unstable.git
> branch entry-rework/v4
> 
> @Juergen: On v1, you agreed this should be considered as a blocker for Xen 4.13.
> Are you still happy to consider this series to go in Xen 4.13?This is mostly
> fixing up the non-XSA part of XSA-303. This should allow to handle properly
> SSBD workaround and receive safely SErrors.

Yeah, still fine with me, so for the series:

Release-acked-by: Juergen Gross <jgross@suse.com>


Juergen

Julien Grall Nov. 1, 2019, 2:45 p.m. UTC | #2

Hi,

On 11/1/19 10:47 AM, Jürgen Groß wrote:
> On 31.10.19 16:09, Julien Grall wrote:
>> Hi all,
>>
>> This is v4 of the series. For those wondering why it is v4 and not v2, 
>> this
>> series is closely related to XSA-303 [1] and refrained to post a new 
>> version
>> publicly. To avoid delaying the series was reviewed privately on 
>> security@.
>>
>> The series is now nearly fully reviewed. There are just a few missing 
>> tags
>> for patch #11, #12 and #19.
>>
>> The series is based on XSA-303 which has not yet been committed. For
>> convenience, I have pushed a branch on my public git:
>>
>> https://xenbits.xen.org/git-http/people/julieng/xen-unstable.git
>> branch entry-rework/v4
>>
>> @Juergen: On v1, you agreed this should be considered as a blocker for 
>> Xen 4.13.
>> Are you still happy to consider this series to go in Xen 4.13?This is 
>> mostly
>> fixing up the non-XSA part of XSA-303. This should allow to handle 
>> properly
>> SSBD workaround and receive safely SErrors.
> 
> Yeah, still fine with me, so for the series:
> 
> Release-acked-by: Juergen Gross <jgross@suse.com>

Thank you! I took the liberty to commit the series with the renaming 
Stefano and I discussed yesterday.

Hopefully this is the last big series for Arm for Xen 4.13 :).

Cheers,