On 12/27/19 7:59 AM, Jan Beulich wrote: > On 23.12.2019 19:08, George Dunlap wrote: >> What about the attached series of patches (compile-tested only)? > > This ... > >> +#define nospec_clip(index, size) \ >> + ({ \ >> + bool clipped = (index >= size); \ >> + index = array_index_nospec(index, size); \ >> + clipped; \ >> + }) > > ... in particular may misguide people on its use: If the clipped > "index" gets stored in a register, all is going to be fine (afaict), > but if it ends up in memory, there's be new (mis-)speculation > opportunities.
That makes sense; but in that case code like this: > + idx = array_index_nospec(idx, MAX_ALTP2M); > + ...could end up stored on the stack and re-read, couldn't it? I mean yes, it's *very likely* going to stay in a register, but there's no way to actually guarantee it, is there? -George _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel