]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
x86/xen: remove hypercall page
authorJuergen Gross <jgross@suse.com>
Thu, 17 Oct 2024 13:27:31 +0000 (15:27 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 19 Dec 2024 17:13:24 +0000 (18:13 +0100)
commitf6e1c44d731a9fcfc36f351f6896960940aa69da
tree7da57398f11b147cc1d77d6b5fc28420557c65ba
parent42d50bb38a691ea8ac459b4f966f7e66f939c147
x86/xen: remove hypercall page

commit 7fa0da5373685e7ed249af3fa317ab1e1ba8b0a6 upstream.

The hypercall page is no longer needed. It can be removed, as from the
Xen perspective it is optional.

But, from Linux's perspective, it removes naked RET instructions that
escape the speculative protections that Call Depth Tracking and/or
Untrain Ret are trying to achieve.

This is part of XSA-466 / CVE-2024-53241.

Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arch/x86/include/asm/xen/hypercall.h
arch/x86/kernel/callthunks.c
arch/x86/xen/enlighten.c
arch/x86/xen/enlighten_hvm.c
arch/x86/xen/enlighten_pvh.c
arch/x86/xen/xen-head.S