Message ID | 20241028154932.6797-12-alejandro.vallejo@cloud.com (mailing list archive) |
---|---|
State | New |
Series | x86: Address Space Isolation FPU preparations |
On 28.10.2024 16:49, Alejandro Vallejo wrote:
> Overwrite the MPX data dumped in the idle XSAVE area to avoid leaking
> it. While it's not very sensitive, better to err on the side of caution.
>
> Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com>
> ---
> Depending on whether the idle domain is considered ASI or non-ASI this
> might or might not be enough. If the idle domain is not ASI the XSAVE
> area would be in the directmap, which would render the zap ineffective
> because it would still be transiently readable from another pCPU.

Yet that needs to be known / decided before this change can sensibly be acked.

Jan
diff --git a/xen/arch/x86/xstate.c b/xen/arch/x86/xstate.c index 2a54da2823cf..a9a7ee2cd1e6 100644 --- a/xen/arch/x86/xstate.c +++ b/xen/arch/x86/xstate.c @@ -1025,7 +1025,7 @@ uint64_t read_bndcfgu(void) unsigned long cr0 = read_cr0(); struct vcpu *v = idle_vcpu[smp_processor_id()]; struct xsave_struct *xstate = vcpu_map_xsave_area(v); - const struct xstate_bndcsr *bndcsr; + struct xstate_bndcsr *bndcsr; ASSERT(cpu_has_mpx); clts(); @@ -1051,7 +1051,10 @@ uint64_t read_bndcfgu(void) write_cr0(cr0); if ( xstate->xsave_hdr.xstate_bv & X86_XCR0_BNDCSR ) + { ret = bndcsr->bndcfgu; + *bndcsr = (struct xstate_bndcsr){}; + } vcpu_unmap_xsave_area(v, xstate);
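Review bot: In the second hunk, the added `*bndcsr = (struct xstate_bndcsr){};` wipes a value that was just read and carries no comment saying why, so a later cleanup could take it for a redundant store and remove it. A one-line comment above it, stating that the MPX data dumped into the idle vCPU's XSAVE area is cleared so it does not linger there, would make the intent clear. The caveat written below the `---` in the submission (that the wipe is ineffective if the idle XSAVE area sits in the directmap) will not reach the commit history from there; once the ASI status of the idle domain is settled, it belongs in the commit message proper or in that comment. The first hunk's removal of `const` from `bndcsr` follows from this store and needs nothing further.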
Overwrite the MPX data dumped in the idle XSAVE area to avoid leaking
it. While it's not very sensitive, better to err on the side of caution.

Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com>
---
Depending on whether the idle domain is considered ASI or non-ASI this
might or might not be enough. If the idle domain is not ASI the XSAVE
area would be in the directmap, which would render the zap ineffective
because it would still be transiently readable from another pCPU.
---
 xen/arch/x86/xstate.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)