On 06/03/2019 16:42, Jan Beulich wrote: >>>> On 27.02.19 at 17:13, <nmant...@amazon.de> wrote: >> This patch series attempts to mitigate the issue that have been raised in the >> XSA-289 (https://xenbits.xen.org/xsa/advisory-289.html). To block speculative >> execution on Intel hardware, an lfence instruction is required to make sure >> that selected checks are not bypassed. Speculative out-of-bound accesses can >> be prevented by using the array_index_nospec macro. >> >> The major change compared to version 8 is in grant_table handling, protecting >> a few more version comparisons. > > Apart from that last patch this series looks to have been ready to go in > for about a week. Would you still want to allow it in, or rather defer it > until after the release?
I'd like to defer them. Juergen _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
