x86: MMIO Stale Data vulnerabilities


#### ISSUE DESCRIPTION This issue is related to the SRBDS, TAA and MDS vulnerabilities. Please see: <a href="https://xenbits.xen.org/xsa/advisory-320.html">https://xenbits.xen.org/xsa/advisory-320.html</a> (SRBDS) <a href="https://xenbits.xen.org/xsa/advisory-305.html">https://xenbits.xen.org/xsa/advisory-305.html</a> (TAA) <a href="https://xenbits.xen.org/xsa/advisory-297.html">https://xenbits.xen.org/xsa/advisory-297.html</a> (MDS) Please see Intel's whitepaper: <a href="https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html">https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html</a> #### IMPACT An attacker might be able to directly read or infer data from other security contexts in the system. This can include data belonging to other VMs, or to Xen itself. The degree to which an attacker can obtain data depends on the CPU, and the system configuration. #### VULNERABLE SYSTEMS Systems running all versions of Xen are affected. Only x86 processors are vulnerable. Processors from other manufacturers (e.g. ARM) are not believed to be vulnerable. Only Intel based processors are affected. Processors from other x86 manufacturers (e.g. AMD) are not believed to be vulnerable. Please consult the Intel Security Advisory for details on the affected processors and configurations. Per Xen's support statement, PCI passthrough should be to trusted domains because the overall system security depends on factors outside of Xen's control. As such, Xen, in a supported configuration, is not vulnerable to DRPW/SBDR.