A guest is allowed to use invalidate cache by set/way instruction (i.e DCISW)
without any restriction. As the cache is shared with Xen, the guest invalidate
an address being in used by Xen. This may lead a Xen crash because the memory
state is invalid.
Set the bit HCR.SWIO to upgrade invalidate cache by set/way instruction to an
invalidate and clean.
This is CVE-2014-2915 / XSA-93.
Signed-off-by: Julien Grall <julien.grall@linaro.org> Reported-by: Thomas Leonard <tal36@cam.ac.uk> Acked-by: Ian Campbell <ian.campbell@citrix.com>
projects / xen.git / commit