On 18.02.2021 16:01, Norbert Manthey wrote: > To prevent leaking HVM params via L1TF and similar issues on a > hyperthread pair, let's load values of domains only after performing all > relevant checks, and blocking speculative execution. > > For both get and set, the value of the index is already checked in the > outer calling function. The block_speculation calls in hvmop_get_param > and hvmop_set_param are removed, because is_hvm_domain already blocks > speculation. > > Furthermore, speculative barriers are re-arranged to make sure we do not > allow guests running on co-located VCPUs to leak hvm parameter values of > other domains. > > To improve symmetry between the get and set operations, function > hvmop_set_param is made static. > > This is part of the speculative hardening effort. > > Signed-off-by: Norbert Manthey <nmant...@amazon.de> > Reported-by: Hongyan Xia <hongy...@amazon.co.uk> > Release-Acked-by: Ian Jackson <i...@xenproject.org>
Reviewed-by: Jan Beulich <jbeul...@suse.com>
