On 12/27/19 7:59 AM, Jan Beulich wrote:
> On 23.12.2019 19:08, George Dunlap wrote:
>> What about the attached series of patches (compile-tested only)?
> 
> This ...
> 
>> +#define nospec_clip(index, size)                 \
>> +    ({                                           \
>> +        bool clipped = (index >= size);          \
>> +        index = array_index_nospec(index, size); \
>> +        clipped;                                 \
>> +    })
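
Review bot: in nospec_clip() the arguments `index` and `size` are expanded unparenthesized and more than once (in `index >= size`, in the array_index_nospec() call, and as the assignment target), so an argument with side effects is evaluated repeatedly and `index` must be a modifiable lvalue. Parenthesize the uses, and add a comment saying that the macro overwrites `index` and returns whether the original value was out of range, since neither is obvious from the name. The local `clipped` would also shadow a caller variable of the same name passed as `index` or `size`; a less collision-prone name avoids that.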
> 
> ... in particular may misguide people on its use: If the clipped
> "index" gets stored in a register, all is going to be fine (afaict),
> but if it ends up in memory, there'd be new (mis-)speculation
> opportunities.

That makes sense; but in that case code like this:

> +    idx = array_index_nospec(idx, MAX_ALTP2M);
> +

...could end up stored on the stack and re-read, couldn't it?  I mean
yes, it's *very likely* going to stay in a register, but there's no way
to actually guarantee it, is there?

 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
