From nobody Tue Feb 10 05:43:53 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1644843440; cv=none; d=zohomail.com; s=zohoarc; b=erUf4FTxuiY95luYnNFR8z7c1uqsixOahR5TCr6RnrsLxdQTvI4jpCultIYlmZ2jU9TP0atyEC8DDjkaH1zabXb1myKHqeqFUr93Y9Yg6IDvUMh4af2Rhv4zGqMMhBCxTFXONNwf7yFlG9JWnWm26AdxkSJ6lDuagmwOZFaBSZ0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1644843440; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=VbjPJkMtniVOxzDgGYz0KfAhG9pshfI5xt7+rMePiXA=; b=BOyObB0ZRHOJG8zZi7MJhsh24/GqiQJAn7VYvMDhukYDqnkBi9WhozkAOw3BIxYK75KuEQc1EmtcUt1BBhNcXchSkcyDTi5vSim2FUmgjki2e9HE6GKR7PrH/UBjVsxN4vq+UdPUy5v3bwKSmCmfIFjR+Id1el2k3P1pZWQ/jGg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1644843440453979.6788473358146; Mon, 14 Feb 2022 04:57:20 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.271578.466060 (Exim 4.92) (envelope-from ) id 1nJauV-0001Wt-NO; Mon, 14 Feb 2022 12:56:55 +0000 Received: by outflank-mailman (output) from mailman id 271578.466060; Mon, 14 Feb 2022 12:56:55 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nJauV-0001Wm-Jq; Mon, 14 Feb 2022 12:56:55 +0000 Received: by outflank-mailman (input) for mailman id 271578; Mon, 14 Feb 2022 12:56:54 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nJauU-0001Wb-4a for xen-devel@lists.xenproject.org; Mon, 14 Feb 2022 12:56:54 +0000 Received: from esa4.hc3370-68.iphmx.com (esa4.hc3370-68.iphmx.com [216.71.155.144]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 936b9f78-8d95-11ec-b215-9bbe72dcb22c; Mon, 14 Feb 2022 13:56:51 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 936b9f78-8d95-11ec-b215-9bbe72dcb22c DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1644843412; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=5PEQQ/t+uQZA4fZ6sVBA/WN/mnXeBHxy/ygwI1pyIvY=; b=UNWjCus7gZ0E78JL6p9Q+IzjpzIRIhJ/KBofSrEHnQRMYZesRevVW8Bl bGX9XF81fKMqNwTh1xjwoW7ioYqAp0mMt+RMwoGSBZDbeg4JoAaj429/x iCtbmlrkzx7GYdhR0X3XJ3PMJZuGnkDp33cM4fQZV2Jix0WHHcP97tW4j E=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: m2EkVewb1vahR/r+JHRysfu1ZNgbrrv4szf28kTfkMw8j9nyP2VCXoMmmo/NXoJNzYYLSdjGBK rWmRMhGy/te638LFeR2boY87SbYNTST6qi2BkP/zk47jpUZett2qwx10BrSij1TGXNa8NPr2WT 81oeZBqRg6/z1/bT/Rc3ZysTDu7/nw/MjSshHhpUcHeLPeaDhUG1KindsCAahJThHRP+gwvHcV RmEUKW7Vx2QoW1LlDy59o0JCS3Fq1xoIOfQdl4ztBDM/Wf9vG92q5KKNsA3QbXqc1WCahNkSce xG6uwEtrgu8RrI+loWr8qov0 X-SBRS: 5.1 X-MesageID: 66373620 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:KUs1xKvSm64PCejjaSMrIZ1kr+fnVGlZMUV32f8akzHdYApBsoF/q tZmKTyFa/2IMGCmeI93ao239BhVsJbVzIVlT1E5+C0yE3wX+JbJXdiXEBz9bniYRiHhoOOLz Cm8hv3odp1coqr0/0/1WlTZQP0VOZigHtIQMsadUsxKbVIiGHdJZS5LwbZj2NYy2IThWmthh PupyyHhEA79s9JLGjp8B5Kr8HuDa9yr5Vv0FnRnDRx6lAe2e0s9VfrzFonoR5fMeaFGH/bSe gr25OrRElU1XfsaIojNfr7TKiXmS1NJVOSEoiI+t6OK2nCuqsGuu0qS2TV1hUp/0l20c95NJ Npl5b2dTyUpPLDwycsZUAFRLApAAPQZ5+qSSZS/mZT7I0zudnLtx7NlDV0sPJ1e8eFyaY1M3 aVGcnZXNEnF3r/ohuLgIgVvrp1LwM3DFYUToHx/ixreCu4rW8vrSKTW/95Imjw3g6iiGN6AO ZFGMmQ1NHwsZTV3IHIoELwht92Fh1PcfDJgoVyz+Yw4tj27IAtZj+G2bYu9lsaxbdpRtlaVo CTB5WuRKjMwOcGbyDGF2mmxneKJliT+MKoCGbv9+vN0jVm7wm0IFAZQRVa9ueO+iEO1R5RYM UN8x8Y1hfFsrgrxFIC7BkDm5i7f1vIBZzZOO70bxQevyqjJ31e2AmscRwFqVuF/69BjEFTGy WS1t9/uADVutpicRnSc6qqYoFuOBMQFEYMRTXRaFFVYurEPtKl210uSFYg7TMZZm/WoQWmY/ tyckMQpa1z/Z+Yv3r7zw13IiinESnPhHl9svVW/so5IA2pEiG+Zi26AtAKzARVodt/xory9U J8swZb20Qz2JcvR/BFhuc1UdF1T296LMSfHnXlkFIQ7+jKm9haLJN4MvG4udBo0ap9fI1cFh XM/XisLuvdu0IaCN/crM+pd9ex2pUQfKTgVfq+NNYcfCnSAXASG4DtvdSatM5PFyyARfVUEE c7DK66EVC9CYYw+lWbeb7pNgNcDm3FlrUuOFM+T8vhS+efHDJJjYexeawXmgyFQxP7snTg5B P4Ba5rUm00HCrWWj+u+2dd7EG3m5EMTXfjew/G7vMbaSua/MG1+WfLX3507fIlpw/ZcmuvSp ynvUU5E0lvvw3bALFzSOHxkbbruW7d5rG46YnNwbQr5hSB7bNb99robers2YaIjqL5pw8lrQ qRXYM6HGPlOFGjKomxPcZnnoYV+Xx23ngbSbTG9aT0ycsc4FQzE89PpZCX18ywKAnblvMcyu eT4hAjaXYACV0JpC8OPMKCjyFa4vH48nuNuXhSXfokPKRu0qIUzcn7/lP46Jc0IOC7v/DrC2 lbEGwocqMnMv5QxrIvDi5ebotr7COB5BEdbQTXWtO7kKSnA82O/6oZcS+LULyvFXWb59aj+N +VYy/bwbK8OkFpQ6tcuFr9qyeQ15sf1pq8cxQNhRS2ZY1OuA7JmA3+HwcgQ6fEdmu4H4VO7C hCV591XGbSVI8e0QlceKT0sYvmHyfxJyCLZ6u44IRmi6SJ6lFZdvZ6+4/VYZPRhEYZI IronPort-HdrOrdr: A9a23:BhIo76xSkGhTxw7hj4IAKrPwFL1zdoMgy1knxilNoRw8SKKlfq eV7Y0mPH7P+VAssR4b+exoVJPtfZqYz+8R3WBzB8bEYOCFghrKEGgK1+KLqFeMJ8S9zJ846U 4JSdkHNDSaNzlHZKjBjzVQa+xQouW6zA== X-IronPort-AV: E=Sophos;i="5.88,367,1635220800"; d="scan'208";a="66373620" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH v2 7/7] x86/vpmu: Harden indirect branches Date: Mon, 14 Feb 2022 12:56:32 +0000 Message-ID: <20220214125632.24563-8-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20220214125632.24563-1-andrew.cooper3@citrix.com> References: <20220214125632.24563-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1644843441259100003 As all function pointer calls are resoved to direct calls on boot, clobber = the endbr64 instructions too to make life harder for an attacker which has mana= ged to hijack a function pointer. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu v2: * Use __initconst_cf_clobber --- xen/arch/x86/cpu/vpmu_amd.c | 2 +- xen/arch/x86/cpu/vpmu_intel.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/cpu/vpmu_amd.c b/xen/arch/x86/cpu/vpmu_amd.c index 5963ce90150a..9bacc02ec135 100644 --- a/xen/arch/x86/cpu/vpmu_amd.c +++ b/xen/arch/x86/cpu/vpmu_amd.c @@ -518,7 +518,7 @@ static int cf_check svm_vpmu_initialise(struct vcpu *v) return 0; } =20 -static const struct arch_vpmu_ops __initconstrel amd_vpmu_ops =3D { +static const struct arch_vpmu_ops __initconst_cf_clobber amd_vpmu_ops =3D { .initialise =3D svm_vpmu_initialise, .do_wrmsr =3D amd_vpmu_do_wrmsr, .do_rdmsr =3D amd_vpmu_do_rdmsr, diff --git a/xen/arch/x86/cpu/vpmu_intel.c b/xen/arch/x86/cpu/vpmu_intel.c index 48b81ab6f018..8612f46973ef 100644 --- a/xen/arch/x86/cpu/vpmu_intel.c +++ b/xen/arch/x86/cpu/vpmu_intel.c @@ -880,7 +880,7 @@ static int cf_check vmx_vpmu_initialise(struct vcpu *v) return 0; } =20 -static const struct arch_vpmu_ops __initconstrel core2_vpmu_ops =3D { +static const struct arch_vpmu_ops __initconst_cf_clobber core2_vpmu_ops = =3D { .initialise =3D vmx_vpmu_initialise, .do_wrmsr =3D core2_vpmu_do_wrmsr, .do_rdmsr =3D core2_vpmu_do_rdmsr, --=20 2.11.0