Re: [Xen-devel] [PATCH SpectreV1+L1TF v6 9/9] common/memory: block speculative out-of-bound accesses

On 2/12/19 15:31, Jan Beulich wrote: On 08.02.19 at 14:44, wrote: >> @@ -33,10 +34,11 @@ unsigned long __read_mostly >> pdx_group_valid[BITS_TO_LONGS( >> >> bool __mfn_valid(unsigned long mfn) >> { >> -return likely(mfn < max_page) && >> - likely(!(mfn & pfn_hole_mask)) &&

Re: [Xen-devel] [PATCH SpectreV1+L1TF v6 9/9] common/memory: block speculative out-of-bound accesses

>>> On 08.02.19 at 14:44, wrote: > @@ -33,10 +34,11 @@ unsigned long __read_mostly pdx_group_valid[BITS_TO_LONGS( > > bool __mfn_valid(unsigned long mfn) > { > -return likely(mfn < max_page) && > - likely(!(mfn & pfn_hole_mask)) && > - likely(test_bit(pfn_to_pdx(mfn) /

[Xen-devel] [PATCH SpectreV1+L1TF v6 9/9] common/memory: block speculative out-of-bound accesses

The get_page_from_gfn method returns a pointer to a page that belongs to a gfn. Before returning the pointer, the gfn is checked for being valid. Under speculation, these checks can be bypassed, so that the function get_page is still executed partially. Consequently, the function page_get_owner_and