[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Revert of the 4.17 hypercall handler changes Re: [PATCH-for-4.17] xen: fix generated code for calling hypercall handlers
- To: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
- From: George Dunlap <George.Dunlap@xxxxxxxxxx>
- Date: Fri, 4 Nov 2022 21:04:55 +0000
- Accept-language: en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OTAADyTg9FxyWr19S8eITGmI5jD4J9aOHbtGBQR31p0=; b=MKDCmVdirkctUXT9Wd+Cf0KUNY19AJHp0NBPJGRFmh+418qAOgAAtem/gVwlsmi3ua3Ai/6auzt9BB0VZ5QdC9iMSUCZ/M12nNfWigbhrDJxexHNzqIY3LeoZFjpGtHljJhruUDrxB2bqGajzlts1ygspSOBWAa0zzFQxF4sWERrs99S8SVpjjUItB5jGjTOft3xqMS91vqGPeqNktFLeeFRinspOoMW7/QuhflusbEJSD/CYAAnQzmY7JJGfeQD35n4jBF1Ac9oOiJASLdKKFktRERCU4NRyIzaIY3edG6/KG4jW6dBMG8C63TSlrHXdcH84QKSuDg9D35Jq5Qz3w==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PU7q8TLAAwZ8GqVeNX0VQieGLykl2y27++9pDFXjCo9Oj3SiTE777aNqPRirDjnJIBUADpP8KIEfZgJZA8XzoiYMlenAWiBK1kqJyKPVSoYY3kM6SJ5o0vd6yhGiQOemfPDK2cbOJBcs1ry9GR/uzC0oP7N035QKGH0UshBS9uquNpFstjpbIbDfVbMY9KOudvdNkA54nlHmO4tPhrAde6WaLdoQTFPMYFLWEVUDZtSHaK9JHG1HeiT3FKFX3SnE82/kWvJhVNCy2117gIZ6JQ/OazJZXo5S1E88Gs83GiBdB2nWfDPcKAPWhstT4U074YYYGefiRb55fHxc48mX5w==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Juergen Gross <jgross@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Henry Wang <Henry.Wang@xxxxxxx>
- Delivery-date: Fri, 04 Nov 2022 21:05:22 +0000
- Ironport-data: A9a23:q9FiPa7TkFizOZRfC2AVsAxRtF/HchMFZxGqfqrLsTDasI4TYg02e lBvGjDRZK7OJyCgZYg1O70CxjpQvMKDz4VgGVNo/3szHnsQ85qdCYnEcEmvZnmbccOaRk464 s9OYNfMfJ8+EiCBrEehOOWw8SZx36iBHLOhAbWZUswdqXeIbQ944f40s7Jp0uaE+OSEPj5hm e8eguWBNgD9gzMoYz5L4vOKpRli7P6i4mMRtFE1PP0U4ASPxyhJAMoTK5/qIiqjSOG4PAIYq 8Xrl+jlozyDr3/BLvv/z94Xp2VTGua60TCm0yYQAO76x0AY/UTe645jXNIEc0Bblj6VqN54z dRJpPSYRBwge6bBg4zxaTEBe81FFfAAqeGvzUSX65TJlRSfKye0mJ2CMWltVWEm0rcvaY1x3 aRwxAAlNnirm++wybSnfehg7uxLwB7DZd53VtlIlFk1PN5+KXzxa/yiCexwhV/csvtmD/fGD /f1XBI0BPj2j7+jDX9MYH42tL/AanAS6FS0onrNzUY8yzC7IACcTNEBmTcaEzCHbZw9o6qWm o7J12PeWz0AE9qN8zjf1nP32f/OgDzRZo1HQdVU9tYy6LGS7ko6LUVMEHee+ry+gEP4XM9DI UsJ/CZotbI16EGgUtj6WVu/vWKAuRkfHdFXFoXW6inUkvaSv1nfWzZCEmMphN8O7afaQRQF2 1iTkN6vKSFptLSNYXmc6q2VvXW5Pi19wWoqNXNeFVZbvIKLTIcbyTjBZI19GqePtMTWHQ2p+ QmBtQEGruBG5SIM/+DhlbzduBquqYLOVRUd/RjMUySu6QYRTJ6oYcmk5EbW6d5ELZ2FVR+Rs X4cgc+c4esSS5aXm0SlQu8AAbWo7PatKyDHjBhkGJxJ3zaw/3+ue6hA7Tc4I11mWu4fYiPga kLXvQJX5bdQMWGsYKsxZJi+Y+w1yYDwGNKjUerbBvJub55rZUm49SdhTUeK2ibml01ErE0kE ZKScMLpAXNBD61ilGCyX71FjeJtwT0iz2TOQ5y91w6gzbeVeH+ST/ECLUeKaec6qqiDpW057 upiCidD8D0HOMWWX8Ud2dd7wYwiRZTjOa3Llg==
- Ironport-hdrordr: A9a23:Tg3cOq7O9OHNYulI7QPXwX6BI+orL9Y04lQ7vn2ZFiY5TiXIra qTdaogviMc0AxhI03Jmbi7Scq9qADnhORICOgqTP2ftWzd1FdAQ7sSircKrweAJ8S6zJ8k6U 4CSdkyNDSTNykdsS+S2mDRfLgdKZu8gdmVbIzlvhVQpHRRGsVdBnBCe2Om+yNNJDVuNN4cLt 6x98BHrz2vdTA8dcKgHEQIWODFupniiI/mSQRuPW9p1CC+yReTrJLqGRmR2RkTFxlVx605zG TDmwvloo2+rvCAzAPG3WO71eUZpDKh8KoDOCW/sLlXFtzesHfrWG2nYczGgNkBmpDu1L/tqq iJn/5vBbU115qbRBDJnfKk4Xid7N9p0Q6v9bbQuwqcneXpAD09EMZPnoRfb1/Q7Fchpsh11O ZR03uerIc/N2KIoMxsj+K4KC2Cu3DE1kbKq9Rj+UB3QM8bcvtcvIYf9ERaHNMJGz/78pkuFK 1rANvH7PhbfFuGZzSB11Mfi+CETzA2BFOLU0ICssua33xfm2141VIRwIgakm0b/JwwRpFY76 DPM7hulrtJUsgKBJgNTNspUI+yECjAUBjMOGWdLRDuE7wGIWvEr9rt7LA89IiRCeg1JVsJ6e H8uX9jxB0PkhjVeLyzNbVwg2DwaXT4WyjxwcdD4JU8sqHgRdPQQF++dGw=
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
- Thread-index: AQHY76JzZdOUSWsV/EuMjC67io5Dyq4uNcAAgAENE4A=
- Thread-topic: Revert of the 4.17 hypercall handler changes Re: [PATCH-for-4.17] xen: fix generated code for calling hypercall handlers
> On 4 Nov 2022, at 05:01, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx> wrote:
>
> The series claims "This is beneficial to performance and avoids
> speculation issues.", c/s 8523851dbc4.
>
> That half sentence is literally the sum total of justification given for
> this being related to speculation.
The cover letter, written on 15 Oct 2021, mentions “avoid[ing] indirect
function calls on the hypercall path”. Internal security@ discussions from the
time show that we were talking about Spectre-BHB (AKA BHI) and its impact on
function pointers, specifically those in the hypercall and exception dispatch.
Given that Spectre-BHB wasn’t made public until March 2022, it would have been
a violation of the embargo for Jürgen to go into more detail at that time.
It appears that your view on whether hypercall function call tables are a
vulnerable surface of attack has changed. But given that you once believed
they needed protecting, it’s not unreasonable for other people to think that
they may need protecting; and given that it’s reasonable to think that they may
need protecting, you should at least give a *little bit* of a justification for
why yo believe they don’t, rather than simply falling back to, “There’s no
evidence”.
-George
Attachment:
signature.asc
Description: Message signed with OpenPGP
|