[PATCH 11/14] x86/mpx: Adjust read_bndcfgu() to clean after itself

Alejandro Vallejo posted 14 patches 3 weeks, 3 days ago
Posted by Alejandro Vallejo 3 weeks, 3 days ago
Overwrite the MPX data dumped in the idle XSAVE area to avoid leaking
it. While it's not very sensitive, better to err on the side of caution.

Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com>
---
Depending on whether the idle domain is considered ASI or non-ASI this
might or might not be enough. If the idle domain is not ASI the XSAVE
area would be in the directmap, which would render the zap ineffective
because it would still be transiently readable from another pCPU.
---
 xen/arch/x86/xstate.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/xen/arch/x86/xstate.c b/xen/arch/x86/xstate.c
index 2a54da2823cf..a9a7ee2cd1e6 100644
--- a/xen/arch/x86/xstate.c
+++ b/xen/arch/x86/xstate.c
@@ -1025,7 +1025,7 @@ uint64_t read_bndcfgu(void)
     unsigned long cr0 = read_cr0();
     struct vcpu *v = idle_vcpu[smp_processor_id()];
     struct xsave_struct *xstate = vcpu_map_xsave_area(v);
-    const struct xstate_bndcsr *bndcsr;
+    struct xstate_bndcsr *bndcsr;
 
     ASSERT(cpu_has_mpx);
     clts();
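Review bot: dropping the `const` on `bndcsr` is justified only by the write in the following hunk (`*bndcsr = (struct xstate_bndcsr){};`); it would help a later reader if the commit message said the pointer is now written through, rather than leaving the widening of mutability to be inferred from the second hunk.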
@@ -1051,7 +1051,10 @@ uint64_t read_bndcfgu(void)
         write_cr0(cr0);
 
     if ( xstate->xsave_hdr.xstate_bv & X86_XCR0_BNDCSR )
+    {
         ret = bndcsr->bndcfgu;
+        *bndcsr = (struct xstate_bndcsr){};
+    }
 
     vcpu_unmap_xsave_area(v, xstate);
 
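Review bot: the zap clears the BNDCSR payload but leaves `X86_XCR0_BNDCSR` set in `xstate->xsave_hdr.xstate_bv`, so the idle area still claims to hold live BNDCSR state after this returns; consider also clearing that bit next to `*bndcsr = (struct xstate_bndcsr){};` so the component is back in its init state rather than "present, all zero". The commit description is right that this only shortens the window: the data is readable between the XSAVE and the zap, and as noted after the `---`, whether the idle vCPU's area sits in the directmap decides whether the zap buys anything against another pCPU at all.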
-- 
2.47.0
Re: [PATCH 11/14] x86/mpx: Adjust read_bndcfgu() to clean after itself
Posted by Jan Beulich 3 weeks, 2 days ago
On 28.10.2024 16:49, Alejandro Vallejo wrote:
> Overwrite the MPX data dumped in the idle XSAVE area to avoid leaking
> it. While it's not very sensitive, better to err on the side of caution.
> 
> Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com>
> ---
> Depending on whether the idle domain is considered ASI or non-ASI this
> might or might not be enough. If the idle domain is not ASI the XSAVE
> area would be in the directmap, which would render the zap ineffective
> because it would still be transiently readable from another pCPU.

Yet that needs to be known / decided before this change can sensibly be
acked.

Jan