63ab2df174
commit 7fa0da5373685e7ed249af3fa317ab1e1ba8b0a6 upstream. The hypercall page is no longer needed. It can be removed, as from the Xen perspective it is optional. But, from Linux's perspective, it removes naked RET instructions that escape the speculative protections that Call Depth Tracking and/or Untrain Ret are trying to achieve. This is part of XSA-466 / CVE-2024-53241. Reported-by: Andrew Cooper <andrew.cooper3@citrix.com> Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
48 lines
1.1 KiB
C
Executable file
48 lines
1.1 KiB
C
Executable file
// SPDX-License-Identifier: GPL-2.0
|
|
#include <linux/acpi.h>
|
|
|
|
#include <xen/hvc-console.h>
|
|
|
|
#include <asm/io_apic.h>
|
|
#include <asm/hypervisor.h>
|
|
#include <asm/e820/api.h>
|
|
|
|
#include <xen/xen.h>
|
|
#include <asm/xen/interface.h>
|
|
#include <asm/xen/hypercall.h>
|
|
|
|
#include <xen/interface/memory.h>
|
|
|
|
#include "xen-ops.h"
|
|
|
|
/*
|
|
* PVH variables.
|
|
*
|
|
* The variable xen_pvh needs to live in the data segment since it is used
|
|
* after startup_{32|64} is invoked, which will clear the .bss segment.
|
|
*/
|
|
bool xen_pvh __section(".data") = 0;
|
|
|
|
void __init xen_pvh_init(struct boot_params *boot_params)
|
|
{
|
|
xen_pvh = 1;
|
|
xen_domain_type = XEN_HVM_DOMAIN;
|
|
xen_start_flags = pvh_start_info.flags;
|
|
|
|
xen_efi_init(boot_params);
|
|
}
|
|
|
|
void __init mem_map_via_hcall(struct boot_params *boot_params_p)
|
|
{
|
|
struct xen_memory_map memmap;
|
|
int rc;
|
|
|
|
memmap.nr_entries = ARRAY_SIZE(boot_params_p->e820_table);
|
|
set_xen_guest_handle(memmap.buffer, boot_params_p->e820_table);
|
|
rc = HYPERVISOR_memory_op(XENMEM_memory_map, &memmap);
|
|
if (rc) {
|
|
xen_raw_printk("XENMEM_memory_map failed (%d)\n", rc);
|
|
BUG();
|
|
}
|
|
boot_params_p->e820_entries = memmap.nr_entries;
|
|
}
|