[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH SpectreV1+L1TF v6 9/9] common/memory: block speculative out-of-bound accesses



>>> On 08.02.19 at 14:44, <nmanthey@xxxxxxxxx> wrote:
> @@ -33,10 +34,11 @@ unsigned long __read_mostly pdx_group_valid[BITS_TO_LONGS(
>  
>  bool __mfn_valid(unsigned long mfn)
>  {
> -    return likely(mfn < max_page) &&
> -           likely(!(mfn & pfn_hole_mask)) &&
> -           likely(test_bit(pfn_to_pdx(mfn) / PDX_GROUP_COUNT,
> -                           pdx_group_valid));
> +    return evaluate_nospec(
> +        likely(mfn < max_page) &&
> +        likely(!(mfn & pfn_hole_mask)) &&
> +        likely(test_bit(pfn_to_pdx(array_index_nospec(mfn, max_page))
> +                                   / PDX_GROUP_COUNT, pdx_group_valid)));
>  }

How about this instead:

bool __mfn_valid(unsigned long mfn)
{
    if ( unlikely(evaluate_nospec(mfn >= max_page)) )
        return false;
    return likely(!(mfn & pfn_hole_mask)) &&
           likely(test_bit(pfn_to_pdx(mfn) / PDX_GROUP_COUNT,
                           pdx_group_valid));
}

Initially I really just wanted to improve the line wrapping (at the
very least the / was misplaced), but I think this variant guards
against all that's needed without even introducing wrapping
headaches.

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.