[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 00/13] xen/arm: SSBD (aka Spectre-v4) mitigation (XSA-263)

On 06/12/2018 12:36 PM, Julien Grall wrote:
Hi all,

This patch series implement the Xen hypervisor side of the "Spectre-v4"
(CVE-2018-3639) mitigation known as "Speculative Store Bypass Disable"

More information can be found at:

For all released Arm Cortex-A that are affected by this issue, then the
preferred mitigation is simply to set a chicken bit in the firmware during
CPU initialization and therefore no change to Xen is required. Other CPUs
may require the chicken bit to be toggled dynamically (for example, when
switching between kernel-mode and hypervisor-mode) and this is achieve by
calling into EL3 via an SMC which has been published as part of the latest
SMCCC specification:

as well as an ATF update for the released ARM cores affected by SSBD:

These patches provide the following:
   1. Safe probing of firmware to establish which CPUs in the system
      require calling into EL3 as part of the mitigation
   2. A command-line option to force SSBD mitigation to be always on,
      always off, or dynamically toggled (default) for CPUs that require
      the EL3 call.
   3. An initial implementation of the call via Xen, which exposes the
      mitigation to the guest via an HVC interface.

This patch also provides bug fix and new infrastructure require to implement
the mitigation:
   1. Zeroed each vCPU stack
   2. Provide generic assembly macros
   3. Provide alternative callback (RFC)

A branch can be found with all the patches at:
   branch ssbd/v3

I have merged the series into my next branch. I will merge it once the tree is opened.


Julien Grall

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.