On 02/01/2020 16:55, Wei Liu wrote:
> On Thu, Jan 02, 2020 at 02:59:53PM +0000, Andrew Cooper wrote:
>> The jmp after setting %cr0 is redundant with the following ljmp.
>>
>> The CPUID to protect the jump to higher mappings was inserted due to an
>> abundance of caution/paranoia before Spectre was public. There is not a
>> matching protection in the S3 resume path, and there is nothing
>> interesting in memory at this point.
>
> What do you mean by "there is nothing interesting in memory" here?
>
> As far as I can tell the idle page table has been loaded. During AP
> bring-up it contains runtime data, no?
We haven't even decompressed the dom0 kernel at this point. What data are
you concerned by?

This protection is only meaningful for virtualised guests, and is
ultimately incomplete. If another VM can use Spectre v2 against this VM,
it can also use Spectre v1 and have a far more interesting time.

In the time since writing this code, it has become substantially more
apparent that VMs must trust their hypervisor to provide adequate
isolation, because there is literally nothing the VM can do itself.

~Andrew

_______________________________________________
Xen-devel mailing list
https://lists.xenproject.org/mailman/listinfo/xen-devel
