From mboxrd@z Thu Jan  1 00:00:00 1970
From: Norbert Manthey <nmanthey@amazon.de>
Subject: [PATCH SpectreV1+L1TF v5 8/9] common/grant_table: block
 speculative out-of-bound accesses
Date: Tue, 29 Jan 2019 15:43:16 +0100
Message-ID: <1548772997-32742-9-git-send-email-nmanthey@amazon.de>
References: <c755dfdd-3c1e-5ccd-983f-11d0b35bb342@suse.com>
 <1548772997-32742-1-git-send-email-nmanthey@amazon.de>
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Return-path: <xen-devel-bounces@lists.xenproject.org>
Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]
 helo=us1-amaz-eas2.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from
 <SRS0=TCeJ=QF=amazon.de=prvs=9250e2409=nmanthey@srs-us1.protection.inumbo.net>)
 id 1goUdc-00026m-3b
 for xen-devel@lists.xenproject.org; Tue, 29 Jan 2019 14:45:20 +0000
In-Reply-To: <1548772997-32742-1-git-send-email-nmanthey@amazon.de>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
To: xen-devel@lists.xenproject.org
Cc: Juergen Gross <jgross@suse.com>, Tim Deegan <tim@xen.org>, Stefano Stabellini <sstabellini@kernel.org>, Wei Liu <wei.liu2@citrix.com>, Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>, George Dunlap <George.Dunlap@eu.citrix.com>, Andrew Cooper <andrew.cooper3@citrix.com>, Ian Jackson <ian.jackson@eu.citrix.com>, Dario Faggioli <dfaggioli@suse.com>, Martin Pohlack <mpohlack@amazon.de>, Julien Grall <julien.grall@arm.com>, David Woodhouse <dwmw@amazon.co.uk>, Jan Beulich <jbeulich@suse.com>, Martin Mazein <amazein@amazon.de>, Julian Stecklina <jsteckli@amazon.de>, Bjoern Doebel <doebel@amazon.de>, Norbert Manthey <nmanthey@amazon.de>
List-Id: xen-devel@lists.xenproject.org

R3Vlc3RzIGNhbiBpc3N1ZSBncmFudCB0YWJsZSBvcGVyYXRpb25zIGFuZCBwcm92aWRlIGd1ZXN0
IGNvbnRyb2xsZWQKZGF0YSB0byB0aGVtLiBUaGlzIGRhdGEgaXMgYWxzbyB1c2VkIGZvciBtZW1v
cnkgbG9hZHMuIFRvIGF2b2lkCnNwZWN1bGF0aXZlIG91dC1vZi1ib3VuZCBhY2Nlc3Nlcywgd2Ug
dXNlIHRoZSBhcnJheV9pbmRleF9ub3NwZWMgbWFjcm8Kd2hlcmUgYXBwbGljYWJsZS4gSG93ZXZl
ciwgdGhlcmUgYXJlIGFsc28gbWVtb3J5IGFjY2Vzc2VzIHRoYXQgY2Fubm90CmJlIHByb3RlY3Rl
ZCBieSBhIHNpbmdsZSBhcnJheSBwcm90ZWN0aW9uLCBvciBtdWx0aXBsZSBhY2Nlc3NlcyBpbiBh
CnJvdy4gVG8gcHJvdGVjdCB0aGVzZSwgYSBub3NwZWMgYmFycmllciBpcyBwbGFjZWQgYmV0d2Vl
biB0aGUgYWN0dWFsCnJhbmdlIGNoZWNrIGFuZCB0aGUgYWNjZXNzIHZpYSB0aGUgYmxvY2tfc3Bl
Y3VsYXRpb24gbWFjcm8uCgpUaGlzIGNvbW1pdCBpcyBwYXJ0IG9mIHRoZSBTcGVjdHJlVjErTDFU
RiBtaXRpZ2F0aW9uIHBhdGNoIHNlcmllcy4KClNpZ25lZC1vZmYtYnk6IE5vcmJlcnQgTWFudGhl
eSA8bm1hbnRoZXlAYW1hem9uLmRlPgoKLS0tCiB4ZW4vY29tbW9uL2dyYW50X3RhYmxlLmMgfCAy
NSArKysrKysrKysrKysrKysrKysrKysrLS0tCiAxIGZpbGUgY2hhbmdlZCwgMjIgaW5zZXJ0aW9u
cygrKSwgMyBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS94ZW4vY29tbW9uL2dyYW50X3RhYmxl
LmMgYi94ZW4vY29tbW9uL2dyYW50X3RhYmxlLmMKLS0tIGEveGVuL2NvbW1vbi9ncmFudF90YWJs
ZS5jCisrKyBiL3hlbi9jb21tb24vZ3JhbnRfdGFibGUuYwpAQCAtMzcsNiArMzcsNyBAQAogI2lu
Y2x1ZGUgPHhlbi9wYWdpbmcuaD4KICNpbmNsdWRlIDx4ZW4va2V5aGFuZGxlci5oPgogI2luY2x1
ZGUgPHhlbi92bWFwLmg+CisjaW5jbHVkZSA8eGVuL25vc3BlYy5oPgogI2luY2x1ZGUgPHhzbS94
c20uaD4KICNpbmNsdWRlIDxhc20vZmx1c2h0bGIuaD4KIApAQCAtMjAzLDggKzIwNCw5IEBAIHN0
YXRpYyBpbmxpbmUgdW5zaWduZWQgaW50IG5yX3N0YXR1c19mcmFtZXMoY29uc3Qgc3RydWN0IGdy
YW50X3RhYmxlICpndCkKIH0KIAogI2RlZmluZSBNQVBUUkFDS19QRVJfUEFHRSAoUEFHRV9TSVpF
IC8gc2l6ZW9mKHN0cnVjdCBncmFudF9tYXBwaW5nKSkKLSNkZWZpbmUgbWFwdHJhY2tfZW50cnko
dCwgZSkgXAotICAgICgodCktPm1hcHRyYWNrWyhlKS9NQVBUUkFDS19QRVJfUEFHRV1bKGUpJU1B
UFRSQUNLX1BFUl9QQUdFXSkKKyNkZWZpbmUgbWFwdHJhY2tfZW50cnkodCwgZSkgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBcCisgICAgKCh0KS0+bWFw
dHJhY2tbYXJyYXlfaW5kZXhfbm9zcGVjKGUsICh0KS0+bWFwdHJhY2tfbGltaXQpICAgICAgICAg
ICAgICAgICAgXAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC9NQVBUUkFD
S19QRVJfUEFHRV1bKGUpJU1BUFRSQUNLX1BFUl9QQUdFXSkKIAogc3RhdGljIGlubGluZSB1bnNp
Z25lZCBpbnQKIG5yX21hcHRyYWNrX2ZyYW1lcyhzdHJ1Y3QgZ3JhbnRfdGFibGUgKnQpCkBAIC05
NjMsNiArOTY1LDkgQEAgbWFwX2dyYW50X3JlZigKICAgICAgICAgUElOX0ZBSUwodW5sb2NrX291
dCwgR05UU1RfYmFkX2dudHJlZiwgIkJhZCByZWYgJSN4IGZvciBkJWRcbiIsCiAgICAgICAgICAg
ICAgICAgIG9wLT5yZWYsIHJndC0+ZG9tYWluLT5kb21haW5faWQpOwogCisgICAgLyogTWFrZSBz
dXJlIHRoZSBhYm92ZSBjaGVjayBpcyBub3QgYnlwYXNzZWQgc3BlY3VsYXRpdmVseSAqLworICAg
IG9wLT5yZWYgPSBhcnJheV9pbmRleF9ub3NwZWMob3AtPnJlZiwgbnJfZ3JhbnRfZW50cmllcyhy
Z3QpKTsKKwogICAgIGFjdCA9IGFjdGl2ZV9lbnRyeV9hY3F1aXJlKHJndCwgb3AtPnJlZik7CiAg
ICAgc2hhaCA9IHNoYXJlZF9lbnRyeV9oZWFkZXIocmd0LCBvcC0+cmVmKTsKICAgICBzdGF0dXMg
PSByZ3QtPmd0X3ZlcnNpb24gPT0gMSA/ICZzaGFoLT5mbGFncyA6ICZzdGF0dXNfZW50cnkocmd0
LCBvcC0+cmVmKTsKQEAgLTIwMjYsNiArMjAzMSw5IEBAIGdudHRhYl9wcmVwYXJlX2Zvcl90cmFu
c2ZlcigKICAgICAgICAgZ290byBmYWlsOwogICAgIH0KIAorICAgIC8qIE1ha2Ugc3VyZSB0aGUg
YWJvdmUgY2hlY2sgaXMgbm90IGJ5cGFzc2VkIHNwZWN1bGF0aXZlbHkgKi8KKyAgICByZWYgPSBh
cnJheV9pbmRleF9ub3NwZWMocmVmLCBucl9ncmFudF9lbnRyaWVzKHJndCkpOworCiAgICAgc2hh
ID0gc2hhcmVkX2VudHJ5X2hlYWRlcihyZ3QsIHJlZik7CiAKICAgICBzY29tYm8ud29yZCA9ICoo
dTMyICopJnNoYS0+ZmxhZ3M7CkBAIC0yMjIzLDcgKzIyMzEsOCBAQCBnbnR0YWJfdHJhbnNmZXIo
CiAgICAgICAgIG9rYXkgPSBnbnR0YWJfcHJlcGFyZV9mb3JfdHJhbnNmZXIoZSwgZCwgZ29wLnJl
Zik7CiAgICAgICAgIHNwaW5fbG9jaygmZS0+cGFnZV9hbGxvY19sb2NrKTsKIAotICAgICAgICBp
ZiAoIHVubGlrZWx5KCFva2F5KSB8fCB1bmxpa2VseShlLT5pc19keWluZykgKQorICAgICAgICAv
KiBNYWtlIHN1cmUgdGhpcyBjaGVjayBpcyBub3QgYnlwYXNzZWQgc3BlY3VsYXRpdmVseSAqLwor
ICAgICAgICBpZiAoIGV2YWx1YXRlX25vc3BlYyh1bmxpa2VseSghb2theSkgfHwgdW5saWtlbHko
ZS0+aXNfZHlpbmcpKSApCiAgICAgICAgIHsKICAgICAgICAgICAgIGJvb2xfdCBkcm9wX2RvbV9y
ZWYgPSAhZG9tYWluX2FkanVzdF90b3RfcGFnZXMoZSwgLTEpOwogCkBAIC0yNDA4LDYgKzI0MTcs
OSBAQCBhY3F1aXJlX2dyYW50X2Zvcl9jb3B5KAogICAgICAgICBQSU5fRkFJTChndF91bmxvY2tf
b3V0LCBHTlRTVF9iYWRfZ250cmVmLAogICAgICAgICAgICAgICAgICAiQmFkIGdyYW50IHJlZmVy
ZW5jZSAlI3hcbiIsIGdyZWYpOwogCisgICAgLyogTWFrZSBzdXJlIHRoZSBhYm92ZSBjaGVjayBp
cyBub3QgYnlwYXNzZWQgc3BlY3VsYXRpdmVseSAqLworICAgIGdyZWYgPSBhcnJheV9pbmRleF9u
b3NwZWMoZ3JlZiwgbnJfZ3JhbnRfZW50cmllcyhyZ3QpKTsKKwogICAgIGFjdCA9IGFjdGl2ZV9l
bnRyeV9hY3F1aXJlKHJndCwgZ3JlZik7CiAgICAgc2hhaCA9IHNoYXJlZF9lbnRyeV9oZWFkZXIo
cmd0LCBncmVmKTsKICAgICBpZiAoIHJndC0+Z3RfdmVyc2lvbiA9PSAxICkKQEAgLTI4MjYsNiAr
MjgzOCw5IEBAIHN0YXRpYyBpbnQgZ250dGFiX2NvcHlfYnVmKGNvbnN0IHN0cnVjdCBnbnR0YWJf
Y29weSAqb3AsCiAgICAgICAgICAgICAgICAgIG9wLT5kZXN0Lm9mZnNldCwgZGVzdC0+cHRyLm9m
ZnNldCwKICAgICAgICAgICAgICAgICAgb3AtPmxlbiwgZGVzdC0+bGVuKTsKIAorICAgIC8qIE1h
a2Ugc3VyZSB0aGUgYWJvdmUgY2hlY2tzIGFyZSBub3QgYnlwYXNzZWQgc3BlY3VsYXRpdmVseSAq
LworICAgIGJsb2NrX3NwZWN1bGF0aW9uKCk7CisKICAgICBtZW1jcHkoZGVzdC0+dmlydCArIG9w
LT5kZXN0Lm9mZnNldCwgc3JjLT52aXJ0ICsgb3AtPnNvdXJjZS5vZmZzZXQsCiAgICAgICAgICAg
IG9wLT5sZW4pOwogICAgIGdudHRhYl9tYXJrX2RpcnR5KGRlc3QtPmRvbWFpbiwgZGVzdC0+bWZu
KTsKQEAgLTMyMTEsNiArMzIyNiwxMCBAQCBzd2FwX2dyYW50X3JlZihncmFudF9yZWZfdCByZWZf
YSwgZ3JhbnRfcmVmX3QgcmVmX2IpCiAgICAgaWYgKCB1bmxpa2VseShyZWZfYiA+PSBucl9ncmFu
dF9lbnRyaWVzKGQtPmdyYW50X3RhYmxlKSkpCiAgICAgICAgIFBJTl9GQUlMKG91dCwgR05UU1Rf
YmFkX2dudHJlZiwgIkJhZCByZWYtYiAlI3hcbiIsIHJlZl9iKTsKIAorICAgIC8qIE1ha2Ugc3Vy
ZSB0aGUgYWJvdmUgY2hlY2tzIGFyZSBub3QgYnlwYXNzZWQgc3BlY3VsYXRpdmVseSAqLworICAg
IHJlZl9hID0gYXJyYXlfaW5kZXhfbm9zcGVjKHJlZl9hLCBucl9ncmFudF9lbnRyaWVzKGQtPmdy
YW50X3RhYmxlKSk7CisgICAgcmVmX2IgPSBhcnJheV9pbmRleF9ub3NwZWMocmVmX2IsIG5yX2dy
YW50X2VudHJpZXMoZC0+Z3JhbnRfdGFibGUpKTsKKwogICAgIC8qIFN3YXBwaW5nIHRoZSBzYW1l
IHJlZiBpcyBhIG5vLW9wLiAqLwogICAgIGlmICggcmVmX2EgPT0gcmVmX2IgKQogICAgICAgICBn
b3RvIG91dDsKLS0gCjIuNy40CgoKCgpBbWF6b24gRGV2ZWxvcG1lbnQgQ2VudGVyIEdlcm1hbnkg
R21iSApLcmF1c2Vuc3RyLiAzOAoxMDExNyBCZXJsaW4KR2VzY2hhZWZ0c2Z1ZWhyZXI6IENocmlz
dGlhbiBTY2hsYWVnZXIsIFJhbGYgSGVyYnJpY2gKVXN0LUlEOiBERSAyODkgMjM3IDg3OQpFaW5n
ZXRyYWdlbiBhbSBBbXRzZ2VyaWNodCBDaGFybG90dGVuYnVyZyBIUkIgMTQ5MTczIEIKCgoKX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KWGVuLWRldmVsIG1h
aWxpbmcgbGlzdApYZW4tZGV2ZWxAbGlzdHMueGVucHJvamVjdC5vcmcKaHR0cHM6Ly9saXN0cy54
ZW5wcm9qZWN0Lm9yZy9tYWlsbWFuL2xpc3RpbmZvL3hlbi1kZXZlbA==