[Xen-devel] [PATCH for-4.13 v4 00/19] xen/arm: XSA-201 and XSA-263 fixes

Julien Grall posted 19 patches 36 weeks ago
Failed in applying to current master (apply log)
docs/misc/xen-command-line.pandoc |  45 +++-------
xen/arch/arm/alternative.c        |   2 -
xen/arch/arm/arm32/entry.S        |  80 ++++++++++++++----
xen/arch/arm/arm32/traps.c        |  12 +--
xen/arch/arm/arm64/entry.S        | 170 +++++++++++++++++++++-----------------
xen/arch/arm/domain.c             |  11 ---
xen/arch/arm/traps.c              | 166 +++++++++++++++++--------------------
xen/include/asm-arm/alternative.h |  75 ++++++++++++-----
xen/include/asm-arm/cpufeature.h  |  11 ++-
xen/include/asm-arm/insn.h        |   7 ++
xen/include/asm-arm/livepatch.h   |   4 +-
xen/include/asm-arm/macros.h      |   7 ++
xen/include/asm-arm/processor.h   |   2 +-
13 files changed, 323 insertions(+), 269 deletions(-)

[Xen-devel] [PATCH for-4.13 v4 00/19] xen/arm: XSA-201 and XSA-263 fixes

Posted by Julien Grall 36 weeks ago
Hi all,

This is v4 of the series. For those wondering why it is v4 and not v2, this
series is closely related to XSA-303 [1] and refrained to post a new version
publicly. To avoid delaying the series was reviewed privately on security@.

The series is now nearly fully reviewed. There are just a few missing tags
for patch #11, #12 and #19.

The series is based on XSA-303 which has not yet been committed. For
convenience, I have pushed a branch on my public git:

https://xenbits.xen.org/git-http/people/julieng/xen-unstable.git
branch entry-rework/v4

@Juergen: On v1, you agreed this should be considered as a blocker for Xen 4.13.
Are you still happy to consider this series to go in Xen 4.13?This is mostly
fixing up the non-XSA part of XSA-303. This should allow to handle properly
SSBD workaround and receive safely SErrors.

Cheers,

[1] https://xenbits.xen.org/xsa/advisory-303.html

Cc: jgross@suse.com

Julien Grall (18):
  docs/misc: xen-command-line: Remove wrong statement from
    serrors=diverse
  xen/arm: Remove serrors=forward
  xen/arm: traps: Rework __do_serror() documentation
  docs/misc: xen-command-line: Rework documentation of the option
    'serrors'
  xen/arm: traps: Update the correct PC when inject a virtual SError to
    the guest
  xen/arm64: entry: Avoid open-coding interrupt flags
  xen/arm64: entry: Introduce a macro to generate guest vector and use
    it
  xen/arm64: entry: Check if an SError is pending when receiving a
    vSError
  xen/arm: traps: Rework entry/exit from the guest path
  xen/arm32: entry: Rename save_guest_regs()
  xen/arm: Ensure the SSBD workaround is re-enabled right after exiting
    a guest
  xen/arm: traps: Don't ignore invalid value for serrors=
  xen/arm: alternative: Remove unused parameter for
    alternative_if_not_cap
  xen/arm: Move ARCH_PATCH_INSN_SIZE out of the header livepatch.h
  xen/arm: Allow insn.h to be called from assembly
  xen/arm: asm: Replace use of ALTERNATIVE with alternative_if
  xen/arm: Update the ASSERT() in SYNCHRONIZE_SERROR()
  xen/arm: entry: Ensure the guest state is synced when receiving a
    vSError

Mark Rutland (1):
  xen/arm: alternative: add auto-nop infrastructure

 docs/misc/xen-command-line.pandoc |  45 +++-------
 xen/arch/arm/alternative.c        |   2 -
 xen/arch/arm/arm32/entry.S        |  80 ++++++++++++++----
 xen/arch/arm/arm32/traps.c        |  12 +--
 xen/arch/arm/arm64/entry.S        | 170 +++++++++++++++++++++-----------------
 xen/arch/arm/domain.c             |  11 ---
 xen/arch/arm/traps.c              | 166 +++++++++++++++++--------------------
 xen/include/asm-arm/alternative.h |  75 ++++++++++++-----
 xen/include/asm-arm/cpufeature.h  |  11 ++-
 xen/include/asm-arm/insn.h        |   7 ++
 xen/include/asm-arm/livepatch.h   |   4 +-
 xen/include/asm-arm/macros.h      |   7 ++
 xen/include/asm-arm/processor.h   |   2 +-
 13 files changed, 323 insertions(+), 269 deletions(-)

-- 
2.11.0


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

Re: [Xen-devel] [PATCH for-4.13 v4 00/19] xen/arm: XSA-201 and XSA-263 fixes

Posted by Jürgen Groß 36 weeks ago
On 31.10.19 16:09, Julien Grall wrote:
> Hi all,
> 
> This is v4 of the series. For those wondering why it is v4 and not v2, this
> series is closely related to XSA-303 [1] and refrained to post a new version
> publicly. To avoid delaying the series was reviewed privately on security@.
> 
> The series is now nearly fully reviewed. There are just a few missing tags
> for patch #11, #12 and #19.
> 
> The series is based on XSA-303 which has not yet been committed. For
> convenience, I have pushed a branch on my public git:
> 
> https://xenbits.xen.org/git-http/people/julieng/xen-unstable.git
> branch entry-rework/v4
> 
> @Juergen: On v1, you agreed this should be considered as a blocker for Xen 4.13.
> Are you still happy to consider this series to go in Xen 4.13?This is mostly
> fixing up the non-XSA part of XSA-303. This should allow to handle properly
> SSBD workaround and receive safely SErrors.

Yeah, still fine with me, so for the series:

Release-acked-by: Juergen Gross <jgross@suse.com>


Juergen

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

Re: [Xen-devel] [PATCH for-4.13 v4 00/19] xen/arm: XSA-201 and XSA-263 fixes

Posted by Julien Grall 36 weeks ago
Hi,

On 11/1/19 10:47 AM, Jürgen Groß wrote:
> On 31.10.19 16:09, Julien Grall wrote:
>> Hi all,
>>
>> This is v4 of the series. For those wondering why it is v4 and not v2, 
>> this
>> series is closely related to XSA-303 [1] and refrained to post a new 
>> version
>> publicly. To avoid delaying the series was reviewed privately on 
>> security@.
>>
>> The series is now nearly fully reviewed. There are just a few missing 
>> tags
>> for patch #11, #12 and #19.
>>
>> The series is based on XSA-303 which has not yet been committed. For
>> convenience, I have pushed a branch on my public git:
>>
>> https://xenbits.xen.org/git-http/people/julieng/xen-unstable.git
>> branch entry-rework/v4
>>
>> @Juergen: On v1, you agreed this should be considered as a blocker for 
>> Xen 4.13.
>> Are you still happy to consider this series to go in Xen 4.13?This is 
>> mostly
>> fixing up the non-XSA part of XSA-303. This should allow to handle 
>> properly
>> SSBD workaround and receive safely SErrors.
> 
> Yeah, still fine with me, so for the series:
> 
> Release-acked-by: Juergen Gross <jgross@suse.com>

Thank you! I took the liberty to commit the series with the renaming 
Stefano and I discussed yesterday.

Hopefully this is the last big series for Arm for Xen 4.13 :).

Cheers,

-- 
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel