Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks

2018-01-31 Thread Stefano Stabellini
On Wed, 31 Jan 2018, Julien Grall wrote: > On 26/01/18 16:21, Julien Grall wrote: > > > "Therefore hypervisor code running with guest vectors table should be > > > minimized and always have interrupts and async aborts masked to reduce > > > the risk to use them." > > > > > > Do you think that it i

Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks

2018-01-31 Thread Julien Grall
On 26/01/18 16:21, Julien Grall wrote: "Therefore hypervisor code running with guest vectors table should be minimized and always have interrupts and async aborts masked to reduce the risk to use them." Do you think that it is clearer? Well, that was covered by "interrupts". If you look at t

Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks

2018-01-26 Thread Julien Grall
Hi Stefano, On 25/01/18 19:37, Stefano Stabellini wrote: On Thu, 25 Jan 2018, Julien Grall wrote: Hi, On 25/01/18 18:45, Stefano Stabellini wrote: On Thu, 25 Jan 2018, Julien Grall wrote: Hi Stefano, On 24/01/18 23:54, Stefano Stabellini wrote: On Fri, 19 Jan 2018, Julien Grall wrote: Ali

Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks

2018-01-25 Thread Stefano Stabellini
On Thu, 25 Jan 2018, Julien Grall wrote: > Hi, > > On 25/01/18 18:45, Stefano Stabellini wrote: > > On Thu, 25 Jan 2018, Julien Grall wrote: > > > Hi Stefano, > > > > > > On 24/01/18 23:54, Stefano Stabellini wrote: > > > > On Fri, 19 Jan 2018, Julien Grall wrote: > > > > > Aliasing attacked agai

Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks

2018-01-25 Thread Julien Grall
Hi, On 25/01/18 18:45, Stefano Stabellini wrote: On Thu, 25 Jan 2018, Julien Grall wrote: Hi Stefano, On 24/01/18 23:54, Stefano Stabellini wrote: On Fri, 19 Jan 2018, Julien Grall wrote: Aliasing attacked against CPU branch predictors can allow an attacker to redirect speculative control fl

Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks

2018-01-25 Thread Stefano Stabellini
On Thu, 25 Jan 2018, Julien Grall wrote: > Hi Stefano, > > On 24/01/18 23:54, Stefano Stabellini wrote: > > On Fri, 19 Jan 2018, Julien Grall wrote: > > > Aliasing attacked against CPU branch predictors can allow an attacker to > > > redirect speculative control flow on some CPUs and potentially d

Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks

2018-01-25 Thread Julien Grall
Hi Stefano, On 24/01/18 23:54, Stefano Stabellini wrote: On Fri, 19 Jan 2018, Julien Grall wrote: Aliasing attacked against CPU branch predictors can allow an attacker to redirect speculative control flow on some CPUs and potentially divulge information from one context to another. This patch

Re: [Xen-devel] [PATCH 4/7] xen/arm32: Add skeleton to harden branch predictor aliasing attacks

2018-01-24 Thread Stefano Stabellini
On Fri, 19 Jan 2018, Julien Grall wrote: > Aliasing attacked against CPU branch predictors can allow an attacker to > redirect speculative control flow on some CPUs and potentially divulge > information from one context to another. > > This patch adds initiatial skeleton code behind a new Kconfig