[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Ping: [PATCH 0/2] VT-d: further XSA-59 workaround adjustments

>>> On 28.04.14 at 09:54, <JBeulich@xxxxxxxx> wrote:
> While doing the backports of the recently committed XSA-59 workaround
> patches, when reaching 4.2 I had to inspect the fuzzy applies resulting
> from the x86-64 conditionals in that code, making me realize that what
> we're doing is still insufficient: We wrongly assume to be able to access
> extended config registers (i.e. MMCFG space) at boot time.
> Fixing that, in turn made me again look at the one workaround that was
> in place in the same function before that recent series, just to find that
> the list very likely should have been extended quite a while back.
> 1: apply quirks at device setup time rather than only at boot
> 2: extend error report masking workaround to newer chipsets
> This (still) is CVE-2013-3495 / XSA-59.
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

Even if patch 2 may require additional time to be validated (and
ideally may turn out not to be required at all), I would still
appreciate some feedback on patch 1 rather sooner than later.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.