
Re: Xen Security Advisory 466 v3 (CVE-2024-53241) - Xen hypercall page unsafe against speculative attacks



On Thu, 2025-01-02 at 15:02 +0100, Jürgen Groß wrote:
> > Are you suggesting that you're able to enable the CPU-specific CFI
> > protections before you even know whether it's an Intel or AMD CPU?
> 
> Not before that, but maybe rather soon afterwards. And the hypercall page
> needs to be decommissioned before the next hypercall is happening. The
> question is whether we have a hook in place to do that switch between cpu
> identification and CFI enabling.

Not sure that's how I'd phrase it. Even if we have to add a hook at the
right time to switch from the Xen-populated hypercall page to the one
filled in by Linux, the question is whether adding that hook is simpler
than all this early static_call stuff that's been thrown together, and
the open questions about the 64-bit latching.



 

