>>> On 21.02.19 at 09:16, <nmant...@amazon.de> wrote: > Checks of domain properties, such as is_hardware_domain or is_hvm_domain, > might be bypassed by speculatively executing these instructions. A reason > for bypassing these checks is that these macros access the domain > structure via a pointer, and check a certain field. Since this memory > access is slow, the CPU assumes a returned value and continues the > execution. > > In case an is_control_domain check is bypassed, for example during a > hypercall, data that should only be accessible by the control domain could > be loaded into the cache. > > This is part of the speculative hardening effort. > > Signed-off-by: Norbert Manthey <nmant...@amazon.de>
Acked-by: Jan Beulich <jbeul...@suse.com> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel