
Re: [Xen-devel] [PATCH] x86/boot: Clean up the trampoline transition into Long mode



On Thu, Jan 02, 2020 at 05:20:12PM +0000, Andrew Cooper wrote:
> On 02/01/2020 16:55, Wei Liu wrote:
> > On Thu, Jan 02, 2020 at 02:59:53PM +0000, Andrew Cooper wrote:
> >> The jmp after setting %cr0 is redundant with the following ljmp.
> >>
> >> The CPUID to protect the jump to higher mappings was inserted due to an
> >> abundance of caution/paranoia before Spectre was public.  There is not a
> >> matching protection in the S3 resume path, and there is nothing
> >> interesting in memory at this point.
> > What do you mean by "there is nothing interesting in memory" here?
> >
> > As far as I can tell the idle page table has been loaded.  During AP
> > bring-up it contains runtime data, no?
> 
> We haven't even decompressed the dom0 kernel at this point.  What data
> are you concerned by?

As the original text implied, CPU hotplug should also be considered.

If that's not relevant now, can you please note that in the commit
message?

Wei.

> 
> This protection is only meaningful for virtualised guests, and is
> ultimately incomplete.  If another VM can use Spectre v2 against this
> VM, it can also use Spectre v1 and have a far more interesting time.
> 
> In the time since writing this code, it has become substantially more
> apparent that VMs must trust their hypervisor to provide adequate
> isolation, because there is literally nothing the VM can do itself.
> 
> ~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
