Re: [Xen-devel] [PATCH] x86/boot: Clean up the trampoline transition into Long mode
On Thu, Jan 02, 2020 at 05:20:12PM +0000, Andrew Cooper wrote:
> On 02/01/2020 16:55, Wei Liu wrote:
> > On Thu, Jan 02, 2020 at 02:59:53PM +0000, Andrew Cooper wrote:
> >> The jmp after setting %cr0 is redundant with the following ljmp.
> >>
> >> The CPUID to protect the jump to higher mappings was inserted due to an
> >> abundance of caution/paranoia before Spectre was public. There is not a
> >> matching protection in the S3 resume path, and there is nothing
> >> interesting in memory at this point.
> > What do you mean by "there is nothing interesting in memory" here?
> >
> > As far as I can tell idle page table has been loaded. During AP
> > bring-up it contains runtime data, no?
>
> We haven't even decompressed the dom0 kernel at this point. What data
> are you concerned by?

As the original text implied, CPU hotplug should also be considered. If
that's not relevant now, can you please note that in the commit message?

Wei.

>
> This protection is only meaningful for virtualised guests, and is
> ultimately incomplete. If another VM can use Spectre v2 against this
> VM, it can also use Spectre v1 and have a far more interesting time.
>
> In the time since writing this code, it has become substantially more
> apparent that VMs must trust their hypervisor to provide adequate
> isolation, because there is literally nothing the VM can do itself.
>
> ~Andrew