[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks

To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
From: Julien Grall <julien.grall@xxxxxxxxxx>
Date: Wed, 31 Jan 2018 15:29:30 +0000
Cc: andre.przywara@xxxxxxxxxx, xen-devel@xxxxxxxxxxxxx
Delivery-date: Wed, 31 Jan 2018 15:29:38 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>



On 26/01/18 16:21, Julien Grall wrote:

"Therefore hypervisor code running with guest vectors table should be
minimized and always have interrupts and async aborts masked to reduce
the risk to use them."

Do you think that it is clearer?
Well, that was covered by "interrupts". If you look at the Arm Arm, A,I, F are considered all interrupts.


I reworked the paragraph and it is now:

"However, on arm32, each vector contain a single instruction. This meansthat the hardened vector tables may rely on the state of registers thatdoes not hold when in the hypervisor (e.g SP is 8 bytes aligned).Therefore hypervisor code running with guest vectors table should beminimized and always have IRQ and SError masked to reduce the risk touse them."


Cheers,


--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks
  - From: Stefano Stabellini

References:
- [Xen-devel] [PATCH 0/7] xen/arm32: Branch predictor hardening (XSA-254 variant 2)
  - From: Julien Grall
- [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks
  - From: Julien Grall
- Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks
  - From: Julien Grall
- Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks
  - From: Julien Grall
- Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks
  - From: Julien Grall

Prev by Date: Re: [Xen-devel] [PATCH 0.5/5] arm/alternatives: Drop the !HAS_ALTERNATIVE infrastructure
Next by Date: Re: [Xen-devel] [PATCH 5/7] xen/arm32: Invalidate BTB on guest exit for Cortex A17 and 12
Previous by thread: Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks
Next by thread: Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.