xenbits.xensource.com Git - xen.git/commit

author	Jan Beulich <jbeulich@suse.com>
	Fri, 20 Oct 2023 13:50:05 +0000 (15:50 +0200)
committer	Jan Beulich <jbeulich@suse.com>
	Fri, 20 Oct 2023 13:50:05 +0000 (15:50 +0200)
commit	bad1ac345b1910b820b8a703ad1b9f66412ea844
tree	ea4ffedc81f9179439a3c77a554fa84575aa1fc2	tree
parent	8a5ef972bab3ad57bf017a42601943aa05811536	commit \| diff

x86: support data operand independent timing mode

[1] specifies a long list of instructions which are intended to exhibit
timing behavior independent of the data they operate on. On certain
hardware this independence is optional, controlled by a bit in a new
MSR. Provide a command line option to control the mode Xen and its
guests are to operate in, with a build time control over the default.
Longer term we may want to allow guests to control this.

Since Arm64 supposedly also has such a control, put command line option
and Kconfig control in common files.

[1] https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/data-operand-independent-timing-isa-guidance.html

Requested-by: Demi Marie Obenour <demi@invisiblethingslab.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Roger Pau Monné <roger.pau@citrix.com>
Release-acked-by: Henry Wang <Henry.Wang@arm.com>

CHANGELOG.md		diff \| blob \| blame \| history
docs/misc/xen-command-line.pandoc		diff \| blob \| blame \| history
xen/arch/x86/Kconfig		diff \| blob \| blame \| history
xen/arch/x86/cpu/common.c		diff \| blob \| blame \| history
xen/arch/x86/include/asm/cpufeature.h		diff \| blob \| blame \| history
xen/common/Kconfig		diff \| blob \| blame \| history
xen/common/kernel.c		diff \| blob \| blame \| history
xen/include/xen/param.h		diff \| blob \| blame \| history