git.ipfire.org Git - thirdparty/kernel/stable.git/commit
x86/xen: remove hypercall page
author Juergen Gross <jgross@suse.com>
Thu, 17 Oct 2024 13:27:31 +0000 (15:27 +0200)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 19 Dec 2024 17:07:23 +0000 (18:07 +0100)
commit ae7c1c5233237cd89bf1bb59fbcad516212c6f42
tree 0390639fcde30b2d3c45be0ce3e5473e27cdcb7c
parent 1ef790d6bf55099750f1402b188c27bc42261c41
x86/xen: remove hypercall page

commit 7fa0da5373685e7ed249af3fa317ab1e1ba8b0a6 upstream.

The hypercall page is no longer needed. It can be removed, as from the
Xen perspective it is optional.

But, from Linux's perspective, it removes naked RET instructions that
escape the speculative protections that Call Depth Tracking and/or
Untrain Ret are trying to achieve.

This is part of XSA-466 / CVE-2024-53241.

Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arch/x86/include/asm/xen/hypercall.h
arch/x86/xen/enlighten.c
arch/x86/xen/enlighten_hvm.c
arch/x86/xen/enlighten_pvh.c
arch/x86/xen/xen-head.S