Re: [PATCH 08/11] arm64: KVM: Use per-CPU vector when BP hardening is enabled
From: Marc Zyngier
Date: Thu Jan 04 2018 - 12:04:09 EST
On 04/01/18 16:28, Ard Biesheuvel wrote:
> On 4 January 2018 at 15:08, Will Deacon <will.deacon@xxxxxxx> wrote:
>> From: Marc Zyngier <marc.zyngier@xxxxxxx>
>>
>> Now that we have per-CPU vectors, let's plug then in the KVM/arm64 code.
>>
>
> Why does bp hardening require per-cpu vectors?
The description is not 100% accurate. We have per *CPU type* vectors.
This stems from the following, slightly conflicting requirements:
- We have systems with more than one CPU type (think big-little)
- Different implementations require different BP hardening sequences
- The BP hardening sequence must be executed before doing any branch
The natural solution is to have one set of vectors per CPU type,
containing the BP hardening sequence for that particular implementation,
ending with a branch to the common code.
M.
--
Jazz is not dead. It just smells funny...