>>> On 27.02.19 at 17:13, <nmant...@amazon.de> wrote: > This patch series attempts to mitigate the issue that have been raised in the > XSA-289 (https://xenbits.xen.org/xsa/advisory-289.html). To block speculative > execution on Intel hardware, an lfence instruction is required to make sure > that selected checks are not bypassed. Speculative out-of-bound accesses can > be prevented by using the array_index_nospec macro. > > The major change compared to version 8 is in grant_table handling, protecting > a few more version comparisons.
Apart from that last patch this series looks to have been ready to go in for about a week. Would you still want to allow it in, or rather defer it until after the release? Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel